Skip to main content

Springsource Spring Security

1 CVEs product

Monthly

CVE-2012-5055 Maven MEDIUM PATCH This Month

DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

VMware Information Disclosure Java Springsource Spring Security
NVD
CVSS 2.0
5.0
EPSS
0.4%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

VMware Information Disclosure Java +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy