Description
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.
Remediation
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814
http://secunia.com/advisories/55155
http://support.springsource.com/security/cve-2011-2731
http://www.securitytracker.com/id/1029151
Related Vulnerabilities
CVE-2015-5317 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-25168 Vulnerability in maven package org.apache.hadoop:hadoop-common
CVE-2018-11788 Vulnerability in maven package org.apache.karaf:org.apache.karaf.util
CVE-2017-3156 Vulnerability in maven package org.apache.cxf:cxf-rt-rs-security-oauth2
CVE-2023-27904 Vulnerability in maven package org.jenkins-ci.main:jenkins-core