Improper Authorization Allows Security Constraint Bypass
Summary
Improper Authorization Allows Security Constraint Bypass. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-551.
- 11.0.0
- 11.0.22
- 10.1.0
- 10.1.55
- 9.0.0
- 9.0.118
- 8.5.0
- 8.5.100
- 7.0.0
- 7.0.109
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
- 11.0.23
- 10.1.56
- 9.0.119
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- Review your application's web.xml file. Ensure security constraints explicitly deny unauthorized users by path, rather than relying strictly on filtering specific HTTP methods (like GET or POST).
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.