{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-41232", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2025-04-16T09:29:46.972Z", "datePublished": "2025-05-21T10:23:07.078Z", "dateUpdated": "2025-05-22T03:55:15.247Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "Spring Security", "product": "Spring Security", "vendor": "Spring", "versions": [{"lessThan": "6.4.6", "status": "affected", "version": "6.4.x", "versionType": "oss"}]}], "datePublic": "2025-05-19T10:19:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass.</p><p>Your application may be affected by this if the following are true:</p><ol><li>You are using <code>@EnableMethodSecurity(mode=ASPECTJ)</code>&nbsp;and <code>spring-security-aspects</code>, and</li><li>You have Spring Security method annotations on a private method</li></ol><p>In that case, the target method may be able to be invoked without proper authorization.</p><p>You are not affected if:</p><ol><li>You are not using <code>@EnableMethodSecurity(mode=ASPECTJ)</code>&nbsp;or <code>spring-security-aspects</code>, or</li><li>You have no Spring Security-annotated private methods</li></ol><br>"}], "value": "Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass.\n\nYour application may be affected by this if the following are true:\n\n * You are using @EnableMethodSecurity(mode=ASPECTJ)\u00a0and spring-security-aspects, and\n * You have Spring Security method annotations on a private method\nIn that case, the target method may be able to be invoked without proper authorization.\n\nYou are not affected if:\n\n * You are not using @EnableMethodSecurity(mode=ASPECTJ)\u00a0or spring-security-aspects, or\n * You have no Spring Security-annotated private methods"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-05-21T10:23:07.078Z"}, "references": [{"url": "http://spring.io/security/cve-2025-41232"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-693", "lang": "en", "description": "CWE-693 Protection Mechanism Failure"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-21T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-41232"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-22T03:55:15.247Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-41232", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-21T13:48:23.040837Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-693", "description": "CWE-693 Protection Mechanism Failure"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-21T13:48:09.087Z"}}], "cna": {"title": "CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Spring", "product": "Spring Security", "versions": [{"status": "affected", "version": "6.4.x", "lessThan": "6.4.6", "versionType": "oss"}], "packageName": "Spring Security", "defaultStatus": "unaffected"}], "datePublic": "2025-05-19T10:19:00.000Z", "references": [{"url": "http://spring.io/security/cve-2025-41232"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass.\n\nYour application may be affected by this if the following are true:\n\n * You are using @EnableMethodSecurity(mode=ASPECTJ)\u00a0and spring-security-aspects, and\n * You have Spring Security method annotations on a private method\nIn that case, the target method may be able to be invoked without proper authorization.\n\nYou are not affected if:\n\n * You are not using @EnableMethodSecurity(mode=ASPECTJ)\u00a0or spring-security-aspects, or\n * You have no Spring Security-annotated private methods", "supportingMedia": [{"type": "text/html", "value": "<p>Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass.</p><p>Your application may be affected by this if the following are true:</p><ol><li>You are using <code>@EnableMethodSecurity(mode=ASPECTJ)</code>&nbsp;and <code>spring-security-aspects</code>, and</li><li>You have Spring Security method annotations on a private method</li></ol><p>In that case, the target method may be able to be invoked without proper authorization.</p><p>You are not affected if:</p><ol><li>You are not using <code>@EnableMethodSecurity(mode=ASPECTJ)</code>&nbsp;or <code>spring-security-aspects</code>, or</li><li>You have no Spring Security-annotated private methods</li></ol><br>", "base64": false}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-05-21T10:23:07.078Z"}}}, "cveMetadata": {"cveId": "CVE-2025-41232", "state": "PUBLISHED", "dateUpdated": "2025-05-22T03:55:15.247Z", "dateReserved": "2025-04-16T09:29:46.972Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2025-05-21T10:23:07.078Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass.\n\nYour application may be affected by this if the following are true:\n\n * You are using @EnableMethodSecurity(mode=ASPECTJ)\u00a0and spring-security-aspects, and\n * You have Spring Security method annotations on a private method\nIn that case, the target method may be able to be invoked without proper authorization.\n\nYou are not affected if:\n\n * You are not using @EnableMethodSecurity(mode=ASPECTJ)\u00a0or spring-security-aspects, or\n * You have no Spring Security-annotated private methods"}], "id": "CVE-2025-41232", "lastModified": "2025-05-21T20:24:58.133", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-05-21T12:16:21.993", "references": [{"source": "[email protected]", "url": "http://spring.io/security/cve-2025-41232"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-693"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "Spring-Security: Spring Security authorization bypass for method security annotations on private methods", "id": "2367758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367758"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "status": "draft"}, "cwe": "CWE-306", "details": ["Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass.\nYour application may be affected by this if the following are true:\n* You are using @EnableMethodSecurity(mode=ASPECTJ)\u00a0and spring-security-aspects, and\n* You have Spring Security method annotations on a private method\nIn that case, the target method may be able to be invoked without proper authorization.\nYou are not affected if:\n* You are not using @EnableMethodSecurity(mode=ASPECTJ)\u00a0or spring-security-aspects, or\n* You have no Spring Security-annotated private methods", "A flaw was found in Spring Security Aspects. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to improperly locating method security annotations on private methods. An attacker could invoke the target method without proper authorization by exploiting this vulnerability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-41232", "package_state": [{"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Not affected", "package_name": "jenkins", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:camel_spring_boot:4", "fix_state": "Affected", "package_name": "spring-security-core", "product_name": "Red Hat build of Apache Camel for Spring Boot 4"}, {"cpe": "cpe:/a:redhat:quarkus:3", "fix_state": "Not affected", "package_name": "quarkus-bom", "product_name": "Red Hat build of Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "org.apache.servicemix.bundles.spring-security-core", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:amq_streams:1", "fix_state": "Not affected", "package_name": "spring-security-core", "product_name": "streams for Apache Kafka"}], "public_date": "2025-05-21T10:23:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-41232\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-41232\nhttp://spring.io/security/cve-2025-41232"], "statement": "Red Hat build of Apache Camel for Spring Boot 4 does not use org.springframework.security:spring-security-aspects. We don't have this anywhere in camel/camel-spring-boot and we have no direct vulnerability in CSB. The risk lies with spring-boot-dependencies 3.4.5, which could pull in the vulnerable spring-security-aspects if explicitly added by a user.", "threat_severity": "Moderate"}