PT-2023-17684 · Unknown · Spring Boot
Published: 2023-04-20 · Updated: 2023-08-28 · CVE-2023-20873
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Spring Boot versions 3.0.0 through 3.0.5
Spring Boot versions 2.7.0 through 2.7.10
Spring Boot older unsupported versions
Description
An application that is deployed to Cloud Foundry could be susceptible to a security bypass.
Recommendations
For Spring Boot versions 3.0.0 through 3.0.5, upgrade to 3.0.6 or later.
For Spring Boot versions 2.7.0 through 2.7.10, upgrade to 2.7.11 or later.
For Spring Boot older unsupported versions, upgrade to 3.0.6 or later, or 2.7.11 or later.
Fix
Related Identifiers
Affected Products
Spring Boot