CVE-2020-5410 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2020-5410

VMware Tanzu | Spring Cloud Configuration (Config) ServerAdded 2022-03-25Remediation Deadline 2022-04-15

VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability

Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-23

References

https://nvd.nist.gov/vuln/detail/CVE-2020-5410