9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-20873

GHSA ID

GHSA-g5h3-w546-pj7f

EPSS Score

0.58951%

CWE

Published

4/20/2023

Updated

7/8/2024

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-20873

CVE-2023-20873: Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud Foundry

In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.

(GitHub Advisory)

9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-20873

GHSA ID

GHSA-g5h3-w546-pj7f

EPSS Score

0.58951%

CWE

Published

4/20/2023

Updated

7/8/2024

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.springframework.boot:spring-boot-actuator-autoconfigure	maven	>= 3.0.0, < 3.0.6	3.0.6
org.springframework.boot:spring-boot-actuator-autoconfigure	maven	>= 2.7.0, < 2.7.11	2.7.11
org.springframework.boot:spring-boot-actuator-autoconfigure	maven	>= 2.6.0, < 2.6.15	2.6.15
org.springframework.boot:spring-boot-actuator-autoconfigure	maven	< 2.5.15	2.5.15

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from using broad wildcard patterns ('/cloudfoundryapplication/**') in security configurations rather than dynamically generated paths based on actual endpoints. The commit diff shows the fix replaced static path matchers with logic using PathMappedEndpoints to collect all endpoint paths, indicating the original static pattern matching in these security configuration handlers was the vulnerable code path. The affected functions handled security filter chain configuration for Cloud Foundry deployments.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In Sprin* *oot v*rsions *.*.* - *.*.*, *.*.* - *.*.**, *n* ol**r unsupport** v*rsions, *n *ppli**tion t**t is **ploy** to *lou* *oun*ry *oul* ** sus**pti*l* to * s**urity *yp*ss. Us*rs o* *****t** v*rsions s*oul* *pply t** *ollowin* miti**tion: *.*.x

Reasoning

T** vuln*r**ility st*mm** *rom usin* *ro** wil***r* p*tt*rns ('/*lou**oun*ry*ppli**tion/**') in s**urity *on*i*ur*tions r*t**r t**n *yn*mi**lly **n*r*t** p*t*s **s** on **tu*l *n*points. T** *ommit *i** s*ows t** *ix r*pl**** st*ti* p*t* m*t***rs wit

9.8

Basic Information

Concerned about an active attack path?

CVE-2023-20873: Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud Foundry

9.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI