CVE-2023-34035 PoC — Spring Security 安全漏洞

Source

https://github.com/mouadk/CVE-2023-34035-Poc

Associated Vulnerability

Title:Spring Security 安全漏洞 (CVE-2023-34035)
Description:VMware Spring Security是美国威睿（VMware）公司的一套为基于Spring的应用程序提供说明性安全保护的安全框架。 Spring Security存在安全漏洞，该漏洞源于使用多个Servlet时会导致授权规则配置错误。受影响的产品和版本：Spring Security 5.8.5之前的5.8版本，6.0.5之前的6.0版本， 6.1.2之前的6.1版本。

Readme

# CVE-2023-34035: Incorrect Authorization

File Snapshot


 [4.0K]  /data/pocs/40c6f117f0dff264a4ea4c70bff785a5ba95626b
├── [4.0K]  demo
│   ├── [1.2K]  HELP.md
│   ├── [ 10K]  mvnw
│   ├── [6.6K]  mvnw.cmd
│   ├── [4.6K]  pom.xml
│   └── [4.0K]  src
│       ├── [4.0K]  main
│       │   ├── [4.0K]  kotlin
│       │   │   └── [4.0K]  com
│       │   │       └── [4.0K]  example
│       │   │           └── [4.0K]  demo
│       │   │               ├── [ 265]  Main.kt
│       │   │               ├── [ 241]  Resolver.kt
│       │   │               └── [1.0K]  SecurityConfiguration.kt
│       │   └── [4.0K]  resources
│       │       ├── [ 688]  application.yml
│       │       └── [4.0K]  graphql
│       │           └── [  34]  userepoql.graphqls
│       └── [4.0K]  test
│           └── [4.0K]  kotlin
│               └── [4.0K]  com
│                   └── [4.0K]  example
│                       └── [4.0K]  demo
│                           └── [ 211]  DemoApplicationTests.kt
└── [  42]  README.md

14 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!