Authentication Bypass Vulnerability in VMware Spring Security
CVE-2012-5055
Currently unrated
Summary
In VMware SpringSource Spring Security, an authentication bypass vulnerability exists that can be exploited by remote attackers. Due to insufficient password checks for non-existent users, attackers can potentially speed up username enumeration through a series of crafted login requests, revealing valid usernames without adequate security measures in place. This can significantly increase the risk of unauthorized access and exploitation of the affected applications.
References
Timeline
Vulnerability Reserved
Vulnerability published