Vulnerabilities

CVE-2020-5421

by Fred · 18/09/2020

In Spring Framework versions 5.2.0 – 5.2.8, 5.1.0 – 5.1.17, 5.0.0 – 5.0.18, 4.3.0 – 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.

Date published : 2020-09-18

https://security.netapp.com/advisory/ntap-20210513-0009/

https://tanzu.vmware.com/security/cve-2020-5421

Similar

Tags: Cybersecurity Alert