CVSS 4.2 · MEDIUM

CVE-2026-40968

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions: Spring gRPC: 1.0.0 - 1.0.2 (fixed in 1.0.3). Older, unsupported versions are also affected.

View on NVD

Severity

Score: 4.2 (MEDIUM)
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
AV: NETWORK
AC: HIGH
PR: LOW
UI: NONE
S: UNCHANGED
C: LOW
I: LOW
A: NONE
Weakness type (CWE): CWE-653

EPSS

Probability of exploitation (next 30 days): 0.0003 (0.0%)
Percentile: 9.9%
EPSS: 2026-05-06

Affects

vmware:spring_grpc

Published: 28/4/2026, 15:16:30
Last modified: 30/4/2026, 13:32:58
