VDB

CVE-2024-22234

CVE-2024-22234 PUBLISHED

Es existiert eine Schwachstelle in VMware Tanzu Spring Security. Die Ursache ist eine fehlerhafte Zugriffskontrolle, wenn die Methode AuthenticationTrustResolver.isFullyAuthenticated(Authentication) direkt verwendet wird. Ein Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.

EPSS 1.66% · 82.4th percentile

Risk Scores

EPSS Score
1.66%
82.4th percentile

Affected Products

VendorProductVersions
OracleOracle Communications 15.0.0.0.0
OracleOracle Communications 23.4.0
OracleOracle Communications 23.4.1
OracleOracle Communications 4.2.0
OracleOracle Communications 23.4.2
Red HatRed Hat Enterprise Linux
OracleOracle Communications 12.11.3
OracleOracle Communications <=9.0.3
OracleOracle Communications 12.6.1.0.0
OracleOracle Communications 23.1.0
OracleOracle Communications <=23.4.4
OracleOracle Communications 24.1.0
OracleOracle Communications <=8.6.0.6
OracleOracle Communications 9.2.0
OracleOracle Communications 10.5
HitachiHitachi Ops Center
OracleOracle Communications 12.11.0
OracleOracle Communications 46.6.5
OracleOracle Communications 9.3.0
OracleOracle Communications 4.1.0

…and 7 more

Timeline

  • Feb 18, 2024 CVE Published
  • Feb 20, 2024 EPSS Score
  • Mar 18, 2024 EPSS Score
  • Apr 14, 2024 EPSS Score
  • May 11, 2024 EPSS Score
  • Jun 6, 2024 EPSS Score
  • Jul 30, 2024 EPSS Score
  • Aug 26, 2024 EPSS Score
  • Sep 22, 2024 EPSS Score
  • Oct 4, 2024 Coalition ESS Score
  • Oct 19, 2024 EPSS Score
  • Nov 15, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›