Authentication Bypass

Spring Boot Security Bypass Vulnerability (CVS-2023-20873) Notice

abril 25, 2023

Overview Recently, NSFOCUS CERT found that Spring officially issued a security notice, which fixed a Spring Boot authentication bypass vulnerability (CVE-2023-20873). When Spring Boot is deployed to Cloud Foundry and there is code/cloudFoundryapplication/* * that can handle matching requests, and used in conjunction with a catch all request mapping that matches/* *, unauthenticated remote attackers […]


Inscreva-se no Blog da NSFOCUS