Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.
References
Link Providers
http://www.openwall.com/lists/oss-security/2021/02/19/7 cve-icon cve-icon
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14%40%3Cpluto-dev.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804%40%3Cpluto-scm.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177%40%3Cpluto-dev.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3%40%3Cpluto-dev.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde%40%3Cpluto-dev.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378%40%3Cpluto-dev.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f%40%3Cpluto-dev.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc%40%3Cpluto-scm.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1%40%3Cpluto-dev.portals.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b%40%3Cissues.nifi.apache.org%3E cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-22112 cve-icon
https://tanzu.vmware.com/security/cve-2021-22112 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-22112 cve-icon
https://www.jenkins.io/security/advisory/2021-02-19/ cve-icon
https://www.oracle.com//security-alerts/cpujul2021.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuApr2021.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuoct2021.html cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2021-02-23T18:48:02

Updated: 2024-08-03T18:30:24.008Z

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-22112

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-02-23T19:15:13.573

Modified: 2024-11-21T05:49:31.850

Link: CVE-2021-22112

cve-icon Redhat

Severity : Important

Publid Date: 2021-02-19T00:00:00Z

Links: CVE-2021-22112 - Bugzilla