CVE-2021-22112 - Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, an

CVE-2021-22112

Summary

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.

References

Vulnerable Configurations

cpe:2.3:a:pivotal_software:spring_security:-:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:-:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:release:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.0:release:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.1:release:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.1:release:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.2:release:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.2:release:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.11:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.11:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.12:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.12:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.13:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.13:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.14:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.14:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.15:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.15:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.16:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:4.2.16:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:m1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:m1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.15:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.15:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.9:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.1.10:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.2.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:-:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_security:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_security:5.4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_cruise_shipboard_property_management_system:20.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_cruise_shipboard_property_management_system:20.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_policy_administration:11.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_policy_administration:11.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:2.3.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:2.3.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.3.7856:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.3.7856:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.6.8003:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.6.8003:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8.2223:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8.2223:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.1182:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.1182:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.2.1162:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.2.1162:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4.3247:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4.3247:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2.4181:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2.4181:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.7.4297:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.7.4297:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.9.4237:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.9.4237:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.4.5235:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.4.5235:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.6.5281:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.6.5281:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:4.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.0.8131:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.0.8131:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.2.8191:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.2.8191:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.14:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.20:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.20:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.22:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.22:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.25:*:*:*:*:*:*:*

CVSS

Base:	9.0 (as of 08-12-2021 - 20:18)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:C/I:C/A:C

Last major update

08-12-2021 - 20:18

Published

23-02-2021 - 19:15

Last modified

08-12-2021 - 20:18