Vulnerability description
Spring Security is a security framework that provides declarative security protection for Spring-based applications.
In the affected version of Spring Security, since the authorization rules of Spring Security will be applied to the entire application context, when the application contains multiple servlets, and one of them is DispatcherServlet, use the requestMatchers(String) method to mistakenly assign non-Spring The MVC endpoint is added to the authorization rules, and the attacker can send requests to this endpoint, thereby bypassing the authorization rules to gain access.
Vulnerability name | Spring Security authentication rule misconfiguration risk |
---|---|
Vulnerability type | Improper allocation of key resource permissions |
Discovery time | 2023/7/18 |
Vulnerability Breadth | - |
MPS number | MPS-l6z0-dktm |
CVE number | CVE-2023-34035 |
CNVD number | - |
Sphere of influence
org.springframework.security:spring-security-config@[6.0.0, 6.0.5)
org.springframework.security:spring-security-config@[5.8.0, 5.8.5)
org.springframework.security:spring-security-config@[6.1.0, 6.1.2)
libspring-security-2.0-java@ affects all versions
Repair plan
Upgrade the component org.springframework.security:spring-security-config to version 6.0.5 and above
Change the non-Spring MVC endpoint pointed to by requestMatchers(String) to requestMatchers(new AntPathRequestMatcher("/endpoint"))
Upgrade the component org.springframework.security:spring-security-config to version 6.1.2 and above
reference link
https://www.oscs1024.com/hd/MPS-l6z0-dktm
https://nvd.nist.gov/vuln/detail/CVE-2023-34035
https://spring.io/security/cve-2023-34035
https://github.com/spring-projects/spring-security/commit/df239b6448ccf138b0c95b5575a88f33ac35cd9a
About Murphy Security
Murphy Security is a technology company that provides you with professional software supply chain security management. The core team comes from Baidu, Huawei, Wuyun and other enterprises. The company provides customers with a complete software supply chain security management platform, and provides software with a full life cycle around SBOM Security management, platform capabilities include software component analysis, source security management, container image detection, vulnerability intelligence early warning and commercial software supply chain access assessment and other products. Provide customers with complete control capabilities from supply chain asset identification management, risk detection, security control, and one-key repair.
Open source project: https://github.com/murphysecurity/murphysec/?sf=qbyj
The product can be integrated with various tools in the existing development process at a very low cost, including seamless integration with dozens of tools such as IDE, Gitlab, Bitbucket, Jenkins, Harbor, and Nexus.
Free code security detection tool: https://www.murphysec.com/?sf=qbyj
Free intelligence subscription: https://www.oscs1024.com/cm/?sf=qbyj