Description
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.
Remediation
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814
http://support.springsource.com/security/cve-2011-2731
http://secunia.com/advisories/55155
http://www.securitytracker.com/id/1029151