Skip to main content

Spring Cloud Sso Connector

1 CVEs product

Monthly

CVE-2018-1256 Maven HIGH PATCH This Week

Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Information Disclosure Spring Cloud Sso Connector
NVD
CVSS 3.1
8.1
EPSS
1.6%
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Information Disclosure Spring Cloud Sso Connector
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy