Description
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.
Remediation
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814
http://secunia.com/advisories/55155
http://support.springsource.com/security/cve-2011-2731
http://www.securitytracker.com/id/1029151
Related Vulnerabilities
CVE-2023-49093 Vulnerability in maven package org.htmlunit:htmlunit
CVE-2012-5633 Vulnerability in maven package org.apache.cxf:cxf-rt-ws-security
CVE-2022-36364 Vulnerability in maven package org.apache.calcite.avatica:avatica-core
CVE-2019-1003024 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2023-24423 Vulnerability in maven package com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger