CVE-2018-15801 (Severity: Low)

CVE-2018-15801: Authorization Bypass During JWT Issuer Validation with spring-security

Vendor Spring By Pivotal
Product Spring Security
Published December 19, 2018
Last update September 16, 2024

CVSS base score

3.3/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

Description

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability in JWT issuer validation. To be affected, the same private key must be used to sign JWTs for both an honest issuer and a malicious user. In that case, a malicious user could craft signed JWTs carrying the malicious issuer URL that may be accepted as if they had been issued by the honest issuer.

Key dates

Disclosure timeline

December 19, 2018 CVE published
September 16, 2024 Record updated