SB2022051717 - Multiple vulnerabilities in VMware Spring Security

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Improper Authorization (CVE-ID: CVE-2022-22975)

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to an authorization bypass issue in RegexRequestMatcher. A remote attacker can bypass RegexRequestMatcher on some servlet containers.

2) Integer overflow (CVE-ID: CVE-2022-22976)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in BCrypt class with the maximum work factor (31) for BCryptPasswordEncoder. The encoder does not perform any salt rounds, which weakens encryption capabilities of the software.

3) Improper Authorization (CVE-ID: CVE-2022-22978)

The vulnerability allows a remote attacker to bypass authorization process.

The vulnerability exists due to input validation error when processing untrusted input in applications that are using RegexRequestMatcher with `.` in the regular expression. A remote non-authenticated attacker can bypass authorization checks.

Remediation

Install update from vendor's website.

References

• https://github.com/vmware-tanzu/pinniped/security/advisories/GHSA-hvrf-5hhv-4348
• https://tanzu.vmware.com/security/cve-2022-22976
• https://tanzu.vmware.com/security/cve-2022-22978