CVE-2025-22228 | Vmware Spring Security up to 6.4.3 Long Password BCryptPasswordEncoder.matches improper authentication
A vulnerability was found in Vmware Spring Security up to 6.4.3. It has been rated as critical. This issue affects the function BCryptPasswordEncoder.matches of the component Long Password Handler. The manipulation leads to improper authentication.
The identification of this vulnerability is CVE-2025-22228. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.