CVE-2024-38820 | VMware Spring up to 5.3.40/6.0.24/6.1.13 DataBinder String.toLowerCase access control

Inserito da Angelo Barbosa | Ott 18, 2024 | CVE

A vulnerability was found in VMware Spring up to 5.3.40/6.0.24/6.1.13. It has been declared as problematic. Affected by this vulnerability is the function String.toLowerCase of the component DataBinder. The manipulation leads to improper access controls.

This vulnerability is known as CVE-2024-38820. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38820 | VMware Spring up to 5.3.40/6.0.24/6.1.13 DataBinder String.toLowerCase access control

Post correlati

CVE-2024-4548 | Delta Electronics DIAEnergie up to 1.10.1.8610 RecalculateHDMWYC Message CEBC.exe sql injection

CVE-2024-41093 | Linux Kernel up to 5.15.161/6.1.96/6.6.36/6.9.7 AMD GPU drm_gem_fb_get_obj buffer overflow

CVE-2024-1635 | Undertow prior 2.2.30.SP1/2.3.10.SP3 HTTP Upgrade WriteTimeoutStreamSinkConduit resource consumption

CVE-2023-49087 | SimpleSAMLphp saml2/xml-security XML Signature unknown vulnerability