Threat Advisories

Privilege Escalation in VMware spring-security

November 2, 2022

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A vulnerability in VMware’s Spring Security affects the mapping of permitted scope in spring-security-oauth2-client, allowing privilege escalation.

Vulnerabilities & Threats that Matter 24-30 October 2022

Patch available for pre-announced Critical Vulnerability in OpenSSL