CVE-2021-22112

CVE Database · CVE-2021-22112

CVE-2021-22112

· HIGHModified

CVSS v3.1

8.8

EPSS

3.17%

Published

Feb 23, 2021

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products (11)

pivotal_software · spring_security (up to 5.2.9)vulnerable

pivotal_software · spring_security (up to 5.3.8)vulnerable

vmware · spring_security (up to 5.4.4)vulnerable

oracle · communications_element_managervulnerable

oracle · communications_interactive_session_recordervulnerable

oracle · communications_unified_inventory_managementvulnerable

oracle · hospitality_cruise_shipboard_property_management_systemvulnerable

oracle · insurance_policy_administration

References (20)