Bug 2262911 (CVE-2023-34042)

Summary: CVE-2023-34042 spring-security-config: Incorrect Permission Assignment for spring-security.xsd
Product: [Other] Security Response Reporter: Avinash Hanwate <ahanwate>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: aileenc, aschwart, asoldano, ataylor, bbaranow, bmaxwell, boliveir, brian.stansberry, chazlett, chfoley, cmiranda, darran.lofthouse, dhanak, dkreling, dosoudil, drichtar, drosa, fmariani, gmalinko, gtanzill, hbraun, ibek, istudens, ivassile, iweiss, janstey, jbuscemi, jpoth, jrokos, kaycoth, kverlaen, mnovotny, mosmerov, mposolda, msochure, mstefank, msvehla, mulliken, nwallace, owatkins, pcongius, pdelbell, pdrozd, peholase, pesilva, pjindal, pmackay, pskopek, rguimara, rowaters, rstancel, rstepani, sausingh, sdawley, smaestri, ssilvert, sthorger, swoodman, tcunning, tom.jenkinson, vmuzikar, yfang
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: spring-security-config 6.1.4, spring-security-config 6.0.7, spring-security-config 5.8.7, spring-security-config 5.7.11 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Spring-security-config jar file. The spring-security.xsd file inside the spring-security-config jar is world-writable, which means that if it were extracted, it could be written by anyone with access to the file system.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2262912    

Description Avinash Hanwate 2024-02-06 04:41:59 UTC 
The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be written by anyone with access to the file system. While there are no known exploits, this is an example of “CWE-732: Incorrect Permission Assignment for Critical Resource” and could result in an exploit. Users should update to the latest version of Spring Security to mitigate any future exploits found around this issue.

https://spring.io/security/cve-2023-34042