Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-2732

CWE-94 — Code Injection7 documents7 sources

Severity

4.3MEDIUM

EPSS

7.2%

top 8.44%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Vmware Springsource Spring Security

Timeline

PublishedDec 5

Latest updateMay 17

Description

CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDvmware/springsource_spring_security2.0.6+12

▶Mavenorg.springframework.security:spring-security-core3.0.0 — 3.0.6+1

🔴Vulnerability Details

GHSA

Improper Control of Generation of Code in Spring Security↗2022-05-17

▶

OSV

Improper Control of Generation of Code in Spring Security↗2022-05-17

▶

CVEList

CVE-2011-2732: CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2↗2012-12-05

▶

💥Exploits & PoCs

Exploit-DB

Spring Security - HTTP Header Injection↗2011-09-09

▶

📋Vendor Advisories

Red Hat

Security: Header injection flaw due improper use of 'spring-security-redirect' parameter↗2011-09-09

▶

💬Community

Bugzilla

CVE-2011-2732 Spring Security: Header injection flaw due improper use of 'spring-security-redirect' parameter↗2011-09-12

▶