CVE-2011-2731

SpringSource Spring Security < 2.0.7 and 3.0.x < 3.0.6 - Privilege Escalation via RunAsManager Race Condition

Title source: llm

Description

Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.

References (4)

Core References
Vendor Advisory x_refsource_confirm
http://support.springsource.com/security/cve-2011-2731
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/55155
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1029151

Scores

EPSS 0.0023
EPSS Percentile 45.3%

Details

CWE CWE-362
Status published
Products (13)
org.springframework.security/spring-security-core 0 - 2.0.7 (Maven)
vmware/springsource_spring_security 2.0.0
vmware/springsource_spring_security 2.0.1
vmware/springsource_spring_security 2.0.2
vmware/springsource_spring_security 2.0.3
vmware/springsource_spring_security 2.0.4
vmware/springsource_spring_security 2.0.5
vmware/springsource_spring_security 3.0.0
vmware/springsource_spring_security 3.0.1
vmware/springsource_spring_security 3.0.2
... and 3 more
Published Dec 05, 2012
Tracked Since Feb 18, 2026