Bypassing Security Constraints via Path Parameter in VMware SpringSource Spring Security and Acegi Security

Bypassing Security Constraints via Path Parameter in VMware SpringSource Spring Security and Acegi Security

CVE-2010-3700 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote attackers to bypass security constraints via a path parameter.

Learn more about our Cis Benchmark Audit For Ibm I.