VDB
CVE-2023-20862
CVE-2023-20862
PUBLISHED
Spring Security ist ein Framework, das Authentifizierung, Autorisierung und Schutz vor gängigen Angriffen bietet.
EPSS 0.46% · 64.5th percentile
Risk Scores
EPSS Score
0.46%
64.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Ubuntu Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Oracle | Oracle Communications 9.1.1.5.0 | |
| Amazon | Amazon Linux 2 | |
| Oracle | Oracle Utilities Applications 4.5.0.1.1 | |
| Oracle | Oracle Communications 22.4.0 | |
| Oracle | Oracle Utilities Applications <= 7.0.0.0 | |
| Oracle | Oracle MySQL <=8.0.34 | |
| Oracle | Oracle Communications Applications 7.3.6.4 | |
| Dell | Dell PowerEdge | |
| Oracle | Oracle Utilities Applications 13.4.1.0.0 | |
| Oracle | Oracle Communications Applications <= 5.5.17 | |
| Oracle | Oracle Communications 23.1.2 | |
| Oracle | Oracle Communications 23.2.0 | |
| Oracle | Oracle Communications Applications 7.3.5 | |
| VMware Tanzu | VMware Tanzu Spring Security <5.8.3 | |
| Oracle | Oracle Financial Services Applications 8.1.2.3 | |
| Oracle | Oracle Utilities Applications <= 4.3.0.6.0 | |
| VMware Tanzu | VMware Tanzu Spring Security <6.0.3 | |
| Oracle | Oracle Communications 23.1.1 |
…and 76 more
Exploit Intelligence
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
- dependency-check-suppress.xml (github-poc)
Timeline
- Apr 17, 2023 CVE Published
- Apr 20, 2023 EPSS Score
- May 27, 2023 EPSS Score
- Jul 4, 2023 EPSS Score
- Aug 10, 2023 EPSS Score
- Sep 17, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Dec 1, 2023 EPSS Score
- Jan 7, 2024 EPSS Score
- Mar 22, 2024 EPSS Score
- Apr 28, 2024 EPSS Score
- Jun 5, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0994.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0994 advisory
- https://spring.io/blog/2023/04/17/spring-security-6-1-0-rc1-6-0-3-5-8-3-and-5-7-8-released-fix-cve-2023-20862 advisory
- https://security.netapp.com/advisory/ntap-20230526-0002/ advisory
- https://www.ibm.com/support/pages/node/7001787 advisory
- https://www.ibm.com/support/pages/node/7003901 advisory
- https://www.dell.com/support/kbdoc/de-de/000338043/dsa-2025-258-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1782.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1782 advisory
- https://www.oracle.com/security-alerts/cpujul2023.html#AppendixUTIL advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1794.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1794 advisory
- https://www.ibm.com/support/pages/node/7095695 advisory
- https://access.redhat.com/errata/RHSA-2024:1141 advisory
- https://www.oracle.com/security-alerts/cpujul2023.html#AppendixMSQL advisory
- https://ubuntu.com/security/notices/USN-6288-1 advisory
- https://access.redhat.com/errata/RHSA-2024:0894 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-492105ed08 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-9ccff0b1b7 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-a9283d639f advisory
…and 21 more