9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-22978

CVE-2022-22978: Authorization bypass in Spring Security

In Spring Security versions 5.5.6 and 5.5.7 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an authorization bypass.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2022-22978

CVE-2022-22978:

9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.springframework.security:spring-security-core	maven	>= 5.6.0, < 5.6.4	5.6.4
org.springframework.security:spring-security-core	maven	>= 5.5.0, < 5.5.7	5.5.7
org.springframework.security:spring-security-core	maven	< 5.4.11	5.4.11
org.springframework.security:spring-security-web	maven	>= 5.5.0, < 5.5.7	5.5.7
org.springframework.security:spring-security-web	maven	>= 5.6.0, < 5.6.4	5.6.4
org.springframework.security:spring-security-web	maven	< 5.4.11	5.4.11

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from RegexRequestMatcher's URL construction and matching logic. The matches() method combines servletPath, pathInfo, and queryString directly, creating potential mismatches between the regex pattern and actual processed URLs in some containers. When patterns contain '.' (which matches any character in regex), attackers could bypass security checks using alternative URL encodings or path normalization. The CVE description explicitly implicates RegexRequestMatcher with '.' in regular expressions, and the class's source code shows the vulnerable URL construction pattern in the matches() method.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

9.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2022-22978: Authorization bypass in Spring Security

CVE-2022-22978:

9.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

9.8

9.8

Technical Details

CVE-2022-22978: Authorization bypass in Spring Security

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI