Vulnerabilities for Spring data rest (...) - CXSECURITY.COM

Vulnerabilities for 'Spring data rest'

2021-10-28

CVE-2021-22047

CWE-668

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.

>>> Vendor: Vmware 132 Products

Vmware workstation

Vmware player 2

Vmware virtualcenter

Operations manager

Vcenter lab manager

Vcenter stage manager

Spring framework

Springsource spring security

Virtual infrastructure client

Springsource spring framework

Vcenter update manager

Vcenter chargeback manager

Vcenter orchestrator

Vshield manager

Vcenter operations

Vcenter server appliance

Vcloud director

Vcloud networking and security

Vcloud automation center

Vsphere data protection

Horizon view client

Vrealize orchestrator

Vrealize business

Vrealize automation

Vcloud automation identity appliance

Vrealize log insight

Vcloud networking and security edge

Workstation player

Workstation pro

Identity manger

Vrealize operations

Spring security

Unified access gateway

Spring advanced message queuing protocol

Spring data rest

Spring integration zip

Spring integration

Intelligent hub

Workspace one boxer

Workspace one content

Workspace one intelligent hub

See all Products for Vendor Vmware

Copyright 2024, cxsecurity.com