The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them. |
|
 |
|
|
Synthesis of the vulnerability 
An attacker can bypass restrictions via RFD Protection Bypass of VMware Spring Framework, in order to escalate his privileges.
Vulnerable software: Spring Framework.
Severity of this announce: 2/4.
Creation date: 17/09/2020.
Références of this computer vulnerability: CVE-2020-5421, VIGILANCE-VUL-33361.
Description of the vulnerability 
An attacker can bypass restrictions via RFD Protection Bypass of VMware Spring Framework, in order to escalate his privileges. Full bulletin, software filtering, emails, fixes, ... (Request your free trial)
This threat note impacts software or systems such as Spring Framework.
Our Vigil@nce team determined that the severity of this cybersecurity note is medium.
The trust level is of type confirmed by the editor, with an origin of document.
An attacker with a expert ability can exploit this vulnerability note.
Solutions for this threat 
VMware Spring Framework: version 5.2.9.
The version 5.2.9 is fixed:
https://tanzu.vmware.com/spring-app-framework
VMware Spring Framework: version 5.1.18.
The version 5.1.18 is fixed:
https://tanzu.vmware.com/spring-app-framework
VMware Spring Framework: version 5.0.19.
The version 5.0.19 is fixed:
https://tanzu.vmware.com/spring-app-framework
VMware Spring Framework: version 4.3.29.
The version 4.3.29 is fixed:
https://tanzu.vmware.com/spring-app-framework
Spring Boot: version 2.3.4.
The version 2.3.4 is fixed:
https://spring.io/projects/spring-boot
Spring Boot: version 2.2.10.
The version 2.2.10 is fixed:
https://spring.io/projects/spring-boot
Spring Boot: version 2.1.17.
The version 2.1.17 is fixed:
https://spring.io/projects/spring-boot
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)
Computer vulnerabilities tracking service 
Vigil@nce provides a system vulnerability watch. The Vigil@nce vulnerability database contains several thousand vulnerabilities.
|