David Ohsie

#25016 of 53,630
9.8 Total CVSS
Vulnerabilities · 1
PT-2017-5875
9.8
2017-05-25
Spring · Spring Security · CVE-2014-3527
Name of the Vulnerable Software and Affected Versions: Spring Security versions 3.1 through 3.2.4

Description: A malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated with it. Proxy ticket authentication used the service URL taken from the `HttpServletRequest`, which is populated from untrusted parts of the HTTP request, so the validating service checked the ticket against a URL the caller could choose. This means access control restrictions on which CAS services can authenticate to one another can be bypassed. If users are not using CAS proxy tickets and are not basing access control decisions on the CAS Service, there is no impact.

Recommendations: Users of version 3.1.x should upgrade to 3.1.7 or later. Users of version 3.2.x should upgrade to 3.2.5 or later.
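The following is an added illustration of the root cause described in this entry; it is not Spring Security or Apereo CAS code and uses no Spring API. It models the proxy-ticket validation step with a toy CAS server, a minimal stand-in for the servlet request, and constructed ticket values and service URLs (`PT-b-1`, `evil.example`, `a.example`). The vulnerable path reconstructs the service URL from the request's Host header; the hardened path uses the service URL the application is configured with.

```python
"""Model of CAS proxy-ticket validation: request-derived vs. configured service URL.

Added illustration for CVE-2014-3527's root cause; not Spring Security or CAS code.
All tickets, hostnames and the request shape below are constructed sample data.
"""
from dataclasses import dataclass, field


@dataclass
class CasServer:
    """Toy CAS server: remembers which service each proxy ticket was issued for."""
    issued: dict = field(default_factory=dict)  # ticket -> service URL (constructed)

    def issue_proxy_ticket(self, ticket: str, service_url: str) -> None:
        self.issued[ticket] = service_url

    def validate(self, ticket: str, service_url: str) -> bool:
        """Models /proxyValidate: a ticket is valid only for the service it was issued to."""
        return self.issued.get(ticket) == service_url


@dataclass
class Request:
    """Minimal stand-in for the parts of HttpServletRequest a validator might read."""
    headers: dict   # e.g. {"Host": "..."}; Host is sent by the client, so untrusted
    path: str


def service_url_from_request(req: Request) -> str:
    """Vulnerable pattern: rebuild the service URL from attacker-controllable request data."""
    return "https://" + req.headers["Host"] + req.path


def authenticate_proxy_ticket_vulnerable(cas: CasServer, req: Request, ticket: str) -> bool:
    # The caller chooses the Host header, so it chooses which service the ticket is checked against.
    return cas.validate(ticket, service_url_from_request(req))


def authenticate_proxy_ticket_fixed(cas: CasServer, req: Request, ticket: str,
                                    configured_service_url: str) -> bool:
    # Hardened pattern: validate against the URL this application is configured to be,
    # ignoring whatever the request claims about itself.
    del req  # deliberately unused
    return cas.validate(ticket, configured_service_url)


def demo() -> tuple:
    """Service A only wants tickets issued for A. Malicious service B holds a ticket for B
    and sends it to A with a spoofed Host header naming B."""
    cas = CasServer()
    cas.issue_proxy_ticket("PT-b-1", "https://evil.example/app")          # constructed
    spoofed = Request(headers={"Host": "evil.example"}, path="/app")       # sent to A
    accepted_by_vulnerable = authenticate_proxy_ticket_vulnerable(cas, spoofed, "PT-b-1")
    accepted_by_fixed = authenticate_proxy_ticket_fixed(cas, spoofed, "PT-b-1",
                                                        "https://a.example/app")
    return accepted_by_vulnerable, accepted_by_fixed


if __name__ == "__main__":
    print(demo())
```

The vulnerable validator accepts B's ticket because the CAS server is asked whether `PT-b-1` is valid for `https://evil.example/app`, which it is; the access restriction "only tickets issued for A" never comes into play. The hardened validator asks about `https://a.example/app`, the URL A is configured with, and the ticket is rejected. The general rule is that any per-service check must use an identity the server fixes (configuration or an allow-list), never one reconstructed from the incoming request.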