Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-40995
PUBLISHED
More InfoOfficial Page
Assigner-vmware
Assigner Org ID-dcf2e128-44bd-42ed-91e8-88f912c1401d
View Known Exploited Vulnerability (KEV) details
Published At-11 Jun, 2026 | 05:04
Updated At-23 Jun, 2026 | 19:48
Rejected At-
▼CVE Numbering Authority (CNA)
X.509 authentication bypasses Spring Security account checks

X509AuthenticationProvider could issue a fully authenticated X509AuthenticationToken when a presented certificate mapped to UserDetails, without applying Spring Security's standard account lifecycle checks (disabled, locked, expired, or credentials-expired accounts). Affected versions: Spring Web Services 5.0.0 through 5.0.1; 4.1.0 through 4.1.3; 4.0.0 through 4.0.18; 3.1.0 through 3.1.8.

Affected Products
Vendor
VMware (Broadcom Inc.)Spring
Product
Spring Web Services
Default Status
unaffected
Versions
Affected
  • From 5.0.0 before 5.0.1.1 (custom)
  • From 4.1.0 before 4.1.3.1 (custom)
  • From 4.0.0 before 4.0.19 (custom)
  • From 3.1.0 before 3.1.9 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-287CWE-287: Improper Authentication
Type: CWE
CWE ID: CWE-287
Description: CWE-287: Improper Authentication
Metrics
VersionBase scoreBase severityVector
3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
N/AAccounts that are disabled, locked, expired, or have expired credentials can still authenticate when mutual TLS or certificate-based SOAP authentication is used via X509AuthenticationProvider.
CAPEC ID: N/A
Description: Accounts that are disabled, locked, expired, or have expired credentials can still authenticate when mutual TLS or certificate-based SOAP authentication is used via X509AuthenticationProvider.
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://spring.io/security/cve-2026-40995
N/A
Hyperlink: https://spring.io/security/cve-2026-40995
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Details not found