CVE-2025-22232

{"id": "CVE-2025-22232", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@vmware.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-04-10T18:15:46.640", "references": [{"url": "https://spring.io/security/cve-2025-22232", "source": "security@vmware.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@vmware.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Spring Cloud Config Server may not use Vault token sent by clients using a X-CONFIG-TOKEN\u00a0header when making requests to Vault.\nYour application may be affected by this if the following are true:\n * You have Spring Vault on the classpath of your Spring Cloud Config Server and\n * You are using the X-CONFIG-TOKEN\u00a0header to send a Vault token to the Spring Cloud Config Server for the Config Server to use when making requests to Vault and\n * You are using the default Spring Vault SessionManager\u00a0implementation LifecycleAwareSessionManager\u00a0or a SessionManager\u00a0implementation that persists the Vault token such as SimpleSessionManager.\n\nIn this case the SessionManager\u00a0persists the first token it retrieves and will continue to use that token even if client requests to the Spring Cloud Config Server include a X-CONFIG-TOKEN\u00a0header with a different value.\nAffected Spring Products and Versions\nSpring Cloud Config:\n * 2.2.1.RELEASE - 4.2.1\n\n\nMitigation\nUsers of affected versions should upgrade to the corresponding fixed version.\n\nAffected version(s)Fix versionAvailability4.2.x4.2.2OSS4.1.x4.1.6OSS4.0.x4.0.10Commercial3.1.x3.1.10Commercial3.0.x4.1.6OSS2.2.x4.1.6OSS\nNOTE: Spring Cloud Config 3.0.x and 2.2.x are no longer under open source or commercial support. Users of these versions are encouraged to upgrade to a supported version.\n\nNo other mitigation steps are necessary."}, {"lang": "es", "value": "Es posible que Spring Cloud Config Server no use el token de Vault enviado por los clientes que utilizan un encabezado X-CONFIG-TOKEN al realizar solicitudes a Vault. Su aplicaci\u00f3n puede verse afectada por esto si se cumplen las siguientes condiciones: * Tiene Spring Vault en la ruta de clase de su Spring Cloud Config Server y * Est\u00e1 usando el encabezado X-CONFIG-TOKEN para enviar un token de Vault a Spring Cloud Config Server para que Config Server lo use al realizar solicitudes a Vault y * Est\u00e1 usando la implementaci\u00f3n predeterminada de Spring Vault SessionManager, LifecycleAwareSessionManager, o una implementaci\u00f3n de SessionManager que persiste el token de Vault, como SimpleSessionManager. En este caso, SessionManager conserva el primer token que recupera y continuar\u00e1 usando ese token incluso si las solicitudes del cliente al Spring Cloud Config Server incluyen un encabezado X-CONFIG-TOKEN con un valor diferente. Productos y versiones de Spring afectados Spring Cloud Config: * 2.2.1.RELEASE - 4.2.1 Mitigaci\u00f3n Los usuarios de las versiones afectadas deben actualizar a la versi\u00f3n corregida correspondiente.Versi\u00f3n corregida Disponibilidad4.2.x4.2.2OSS4.1.x4.1.6OSS4.0.x4.0.10Comercial3.1.x3.1.10Comercial3.0.x4.1.6OSS2.2.x4.1.6OSS NOTA: Spring Cloud Config 3.0.x y 2.2.x ya no cuentan con soporte comercial o de c\u00f3digo abierto. Se recomienda a los usuarios de estas versiones que las actualicen a una versi\u00f3n compatible. No son necesarias otras medidas de mitigaci\u00f3n."}], "lastModified": "2025-04-11T15:39:52.920", "sourceIdentifier": "security@vmware.com"}