Vulnerability Details : CVE-2021-22112
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.
Exploit prediction scoring system (EPSS) score for CVE-2021-22112
Probability of exploitation activity in the next 30 days: 0.26%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 63 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2021-22112
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
nvd@nist.gov |
|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
nvd@nist.gov |
References for CVE-2021-22112
-
https://lists.apache.org/thread.html/r390783b3b1c59b978131ac08390bf77fbb3863270cbde59d5b0f5fde@%3Cpluto-dev.portals.apache.org%3E
[jira] [Reopened] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 - Pony MailMailing List;Third Party Advisory
-
https://lists.apache.org/thread.html/r413e380088c427f56102968df89ef2f336473e1b56b7d4b3a571a378@%3Cpluto-dev.portals.apache.org%3E
[jira] [Reopened] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.0 due to CVE-2021-22112 - Pony MailMailing List;Third Party Advisory
-
https://lists.apache.org/thread.html/r89aa1b48a827f5641310305214547f1d6b2101971a49b624737c497f@%3Cpluto-dev.portals.apache.org%3E
[jira] [Comment Edited] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 - Pony MailMailing List;Third Party Advisory
-
https://www.oracle.com//security-alerts/cpujul2021.html
Oracle Critical Patch Update Advisory - July 2021Third Party Advisory
-
https://lists.apache.org/thread.html/r37423ec7eea340e92a409452c35b649dce02fdc467f0b3f52086c177@%3Cpluto-dev.portals.apache.org%3E
Pony Mail!Mailing List;Third Party Advisory
-
https://lists.apache.org/thread.html/r163b3e4e39803882f5be05ee8606b2b9812920e196daa2a82997ce14@%3Cpluto-dev.portals.apache.org%3E
[jira] [Updated] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 - Pony MailMailing List;Third Party Advisory
-
https://lists.apache.org/thread.html/redbd004a503b3520ae5746c2ab5e93fd7da807a8c128e60d2002cd9b@%3Cissues.nifi.apache.org%3E
[GitHub] [nifi] exceptionfactory opened a new pull request #5066: NIFI-8502 Upgrade Spring Framework to 5.3.6 - Pony MailMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/02/19/7
oss-security - Vulnerability in JenkinsMailing List;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpuApr2021.html
Oracle Critical Patch Update Advisory - April 2021Patch;Third Party Advisory
-
https://lists.apache.org/thread.html/r3868207b967f926819fe3aa8d33f1666429be589bb4a62104a49f4e3@%3Cpluto-dev.portals.apache.org%3E
[jira] [Closed] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 - Pony MailMailing List;Third Party Advisory
-
https://lists.apache.org/thread.html/ra53677224fe4f04c2599abc88032076faa18dc84b329cdeba85d4cfc@%3Cpluto-scm.portals.apache.org%3E
[portals-pluto] branch master updated: PLUTO-786 Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.1 due to CVE-2021-22112 and CVE-2021-22119 - Pony MailMailing List;Third Party Advisory
-
https://tanzu.vmware.com/security/cve-2021-22112
CVE-2021-22112: Changing SecurityContext More Than Once in Single Request Can Fail to Save | Security | VMware TanzuVendor Advisory
-
https://lists.apache.org/thread.html/ra6389b1b82108a3b6bbcd22979f7665fd437c2a3408c9509a15a9ca1@%3Cpluto-dev.portals.apache.org%3E
[jira] [Updated] (PLUTO-786) Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.0 due to CVE-2021-22112 - Pony MailMailing List;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpuoct2021.html
Oracle Critical Patch Update Advisory - October 2021Patch;Third Party Advisory
-
https://lists.apache.org/thread.html/r2cb05e499807900ba23e539643eead9c5f0652fd271f223f89da1804@%3Cpluto-scm.portals.apache.org%3E
[portals-pluto] branch master updated: PLUTO-786 Upgrade to version Spring Framework 5.3.7 and Spring Security 5.5.0 due to CVE-2021-22112 - Pony MailMailing List;Patch;Third Party Advisory
Products affected by CVE-2021-22112
- cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:hospitality_cruise_shipboard_property_management_system:20.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:insurance_policy_administration:11.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
- Oracle » Communications Element ManagerVersions from including (>=) 8.2.0 and up to, including, (<=) 8.2.4.0cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:spring_security:*:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:spring_security:*:*:*:*:*:*:*:*