CVE-2024-22233

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 22, 2024
Updated: Jan 29, 2024

Summary

CVE-2024-22233 is a vulnerability in Spring Framework versions 6.0.15 and 6.1.2 that could allow a user to cause a denial-of-service (DoS) condition by sending specially crafted HTTP requests. It affects applications that use Spring MVC and have Spring Security 6.1.6+ or 6.2.1+ on the classpath; in Spring Boot applications this typically requires specific dependencies. The base severity is rated HIGH, with a base score of 7.5 out of 10. Remediation is to update the affected software components to a fixed version, which removes the risk of service disruption from DoS attacks against vulnerable systems.
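To check whether a build matches the affected combination described above, the following added example (not from the advisory or the Spring project) scans `mvn dependency:list` output. The artifact coordinates, the sample listings and the reading of "6.1.6+" and "6.2.1+" as "6.1.x from 6.1.6, or 6.2.1 and later" are assumptions.

```python
import re

# Framework versions named on the page. The Maven coordinates below are the
# usual ones for Spring MVC and Spring Security (assumed; the page names none).
AFFECTED_FRAMEWORK = {"6.0.15", "6.1.2"}
MVC_ARTIFACT = "org.springframework:spring-webmvc"
SECURITY_GROUP = "org.springframework.security"

# Constructed sample listings in `mvn dependency:list` format.
SAMPLE_EXPOSED = """\
[INFO] The following files have been resolved:
[INFO]    org.springframework:spring-webmvc:jar:6.1.2:compile
[INFO]    org.springframework.security:spring-security-web:jar:6.2.1:compile
"""
SAMPLE_NO_SECURITY = "[INFO]    org.springframework:spring-webmvc:jar:6.0.15:compile\n"
SAMPLE_OTHER_MVC = """\
[INFO]    org.springframework:spring-webmvc:jar:6.1.1:compile
[INFO]    org.springframework.security:spring-security-web:jar:6.2.1:compile
"""

def parse_dependency_list(text):
    """Map 'group:artifact' -> version for each resolved dependency line."""
    deps = {}
    for line in text.splitlines():
        tokens = line.replace("[INFO]", "").split()
        if not tokens:
            continue
        parts = tokens[0].split(":")
        # group:artifact:type:version:scope, or with a classifier before version
        if len(parts) == 5:
            deps[f"{parts[0]}:{parts[1]}"] = parts[3]
        elif len(parts) == 6:
            deps[f"{parts[0]}:{parts[1]}"] = parts[4]
    return deps

def security_in_range(version):
    """Assumed reading: 6.1.x from 6.1.6, or anything from 6.2.1 upward."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return False
    v = tuple(int(x) for x in m.groups())
    return (v[:2] == (6, 1) and v[2] >= 6) or v >= (6, 2, 1)

def is_exposed(text):
    """True when an affected Spring MVC version and Spring Security coexist."""
    deps = parse_dependency_list(text)
    mvc = deps.get(MVC_ARTIFACT)
    sec = [v for k, v in deps.items() if k.startswith(SECURITY_GROUP + ":")]
    return mvc in AFFECTED_FRAMEWORK and any(security_in_range(v) for v in sec)
```

Run it against the resolved dependency list rather than the declared versions in `pom.xml`, since Spring Boot's dependency management often selects the Spring Framework version transitively.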
