Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-22235

Опубликовано: 28 апр. 2025
Источник: redhat
CVSS3: 7.3
EPSS Низкий

Описание

EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met:

  • You use Spring Security
  • EndpointRequest.to() has been used in a Spring Security chain configuration
  • The endpoint which EndpointRequest references is disabled or not exposed via web
  • Your application handles requests to /null and this path needs protection You are not affected if any of the following is true:
  • You don't use Spring Security
  • You don't use EndpointRequest.to()
  • The endpoint which EndpointRequest.to() refers to is enabled and is exposed
  • Your application does not handle requests to /null or this path does not need protection

    A flaw was found in the Spring Boot configuration. This vulnerability allows unauthorised access to the /null/** path via misconfigured security matchers when referencing disabled or non-exposed Spring Boot actuator endpoints.

Отчет

Your application may be affected by this if all the following conditions are met:

  • You use Spring Security
  • EndpointRequest.to() has been used in a Spring Security chain configuration
  • The endpoint which EndpointRequest references is disabled or not exposed via web
  • Your application handles requests to /null and this path needs protection You are not affected if any of the following is true:
  • You don't use Spring Security
  • You don't use EndpointRequest.to()
  • The endpoint which EndpointRequest.to() refers to is enabled and is exposed
  • Your application does not handle requests to /null or this path does not need protection

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
AMQ Clientsspring-bootAffected
A-MQ Clients 2spring-bootAffected
Red Hat AMQ Broker 7spring-bootNot affected
Red Hat build of Apache Camel for Spring Boot 4spring-bootNot affected
Red Hat build of OptaPlanner 8spring-bootAffected
Red Hat Data Grid 8spring-bootWill not fix
Red Hat Enterprise Linux 8log4j:2/log4jNot affected
Red Hat Enterprise Linux 9log4jNot affected
Red Hat Fuse 7spring-bootWill not fix
Red Hat Integration Camel K 1spring-bootWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=2362668org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

EPSS

Процентиль: 26%
0.00087
Низкий

7.3 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-22235

CVSS3: 7.3
ubuntu
8 месяцев назад

EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: * You use Spring Security * EndpointRequest.to() has been used in a Spring Security chain configuration * The endpoint which EndpointRequest references is disabled or not exposed via web * Your application handles requests to /null and this path needs protection You are not affected if any of the following is true: * You don't use Spring Security * You don't use EndpointRequest.to() * The endpoint which EndpointRequest.to() refers to is enabled and is exposed * Your application does not handle requests to /null or this path does not need protection

nvd логотип

CVE-2025-22235

CVSS3: 7.3
nvd
8 месяцев назад

EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: * You use Spring Security * EndpointRequest.to() has been used in a Spring Security chain configuration * The endpoint which EndpointRequest references is disabled or not exposed via web * Your application handles requests to /null and this path needs protection You are not affected if any of the following is true: * You don't use Spring Security * You don't use EndpointRequest.to() * The endpoint which EndpointRequest.to() refers to is enabled and is exposed * Your application does not handle requests to /null or this path does not need protection

github логотип

GHSA-rc42-6c7j-7h5r

CVSS3: 7.3
github
8 месяцев назад

Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

EPSS

Процентиль: 26%
0.00087
Низкий

7.3 High

CVSS3