Authentication Bypass Vulnerability in VMware Spring Security
CVE-2012-5055

Currently unrated

Key Information:

Vendor: Vmware
Status: Springsource Spring Security
Vendor: CVE Published:; 5 December 2012

Summary

In VMware SpringSource Spring Security, an authentication bypass vulnerability exists that can be exploited by remote attackers. Due to insufficient password checks for non-existent users, attackers can potentially speed up username enumeration through a series of crafted login requests, revealing valid usernames without adequate security measures in place. This can significantly increase the risk of unauthorized access and exploitation of the affected applications.

References

http://support.springsource.com/security/CVE-2012-5055

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 5, 2012