CVE-2021-22112 – org.springframework.security:spring-security-bom

Package

Manager: maven
Name: org.springframework.security:spring-security-bom
Vulnerable Version: >=5.4.0 <5.4.4 || >=5.3.0 <5.3.8 || >=0 <5.2.9

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

EPSS: 0.00979 pctl0.75878

Details

Privilege escalation in spring security Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.

Metadata

Created: 2021-05-10T15:22:39Z
Modified: 2021-08-31T21:18:55Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-gq28-h5vg-8prx/GHSA-gq28-h5vg-8prx.json
CWE IDs: ["CWE-269"]
Alternative ID: GHSA-gq28-h5vg-8prx
Finding: F159
Auto approve: 1