CVE-2021-22112

8.8HIGH

Key Information:

Vendor
Vmware
Status
Spring Security
Vendor
CVE Published:
23 February 2021

Summary

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.

Affected Version(s)

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE

References

http://www.openwall.com/lists/oss-security/2021/02/19/7
mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/redbd004a503b3520ae5...
mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpuApr2021.html
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.