{
  "threat_severity" : "Important",
  "public_date" : "2024-03-18T00:00:00Z",
  "bugzilla" : {
    "description" : "spring-security: Broken Access Control With Direct Use of AuthenticatedVoter",
    "id" : "2270158",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2270158"
  },
  "cvss3" : {
    "cvss3_base_score" : "9.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-284",
  "details" : [ "In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to \n5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, \nversions 6.2.x prior to 6.2.3, an application is possibly vulnerable to \nbroken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.", "A broken access control flaw was found in Spring Security. Applications may be vulnerable when directly using the AuthenticatedVoter#vote passing a NULL authentication parameter." ],
  "statement" : "The AuthenticatedVoter class has been deprecated since Spring Security 5.8 in favor of the AuthorizationManager class, which is not vulnerable to this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat build of Apache Camel 3.20.6 for Spring Boot",
    "release_date" : "2024-06-06T00:00:00Z",
    "advisory" : "RHSA-2024:3708",
    "cpe" : "cpe:/a:redhat:apache_camel_spring_boot:3.20.6"
  }, {
    "product_name" : "Red Hat build of Apache Camel 4.4.1 for Spring Boot 3.2",
    "release_date" : "2024-07-25T00:00:00Z",
    "advisory" : "RHSA-2024:4884",
    "cpe" : "cpe:/a:redhat:apache_camel_spring_boot:4.4::el6"
  }, {
    "product_name" : "Red Hat Fuse 7.13.0",
    "release_date" : "2024-05-23T00:00:00Z",
    "advisory" : "RHSA-2024:3354",
    "cpe" : "cpe:/a:redhat:jboss_fuse:7"
  } ],
  "package_state" : [ {
    "product_name" : "A-MQ Clients 2",
    "fix_state" : "Not affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:a_mq_clients:2"
  }, {
    "product_name" : "OpenShift Developer Tools and Services",
    "fix_state" : "Will not fix",
    "package_name" : "jenkins",
    "cpe" : "cpe:/a:redhat:ocp_tools"
  }, {
    "product_name" : "Red Hat build of Apache Camel for Spring Boot 3",
    "fix_state" : "Affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:camel_spring_boot:3"
  }, {
    "product_name" : "Red Hat build of Apache Camel for Spring Boot 4",
    "fix_state" : "Affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:camel_spring_boot:4"
  }, {
    "product_name" : "Red Hat build of Apache Camel - HawtIO 4",
    "fix_state" : "Will not fix",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4"
  }, {
    "product_name" : "Red Hat Build of Keycloak",
    "fix_state" : "Not affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:build_keycloak:"
  }, {
    "product_name" : "Red Hat Data Grid 8",
    "fix_state" : "Not affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:jboss_data_grid:8"
  }, {
    "product_name" : "Red Hat Fuse 7",
    "fix_state" : "Affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:jboss_fuse:7"
  }, {
    "product_name" : "Red Hat Integration Camel K 1",
    "fix_state" : "Not affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:integration:1"
  }, {
    "product_name" : "Red Hat JBoss Data Grid 7",
    "fix_state" : "Not affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:jboss_data_grid:7"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 3.11",
    "fix_state" : "Affected",
    "package_name" : "jenkins",
    "cpe" : "cpe:/a:redhat:openshift:3.11"
  }, {
    "product_name" : "Red Hat OpenShift Dev Spaces",
    "fix_state" : "Affected",
    "package_name" : "devspaces/pluginregistry-rhel8",
    "cpe" : "cpe:/a:redhat:openshift_devspaces:3"
  }, {
    "product_name" : "Red Hat Process Automation 7",
    "fix_state" : "Will not fix",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
  }, {
    "product_name" : "Red Hat Single Sign-On 7",
    "fix_state" : "Not affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7"
  }, {
    "product_name" : "streams for Apache Kafka",
    "fix_state" : "Not affected",
    "package_name" : "spring-security",
    "cpe" : "cpe:/a:redhat:amq_streams:1"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-22257\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-22257\nhttps://spring.io/security/cve-2024-22257" ],
  "name" : "CVE-2024-22257",
  "mitigation" : {
    "value" : "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
    "lang" : "en:us"
  },
  "csaw" : false
}