CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vmware: >> Spring Data Rest >> 3.5.1 Security Vulnerabilities

CVE-2021-22047

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.

CVSS Score

5.3

EPSS Score

0.007

Published

2021-10-28

Page 1

Vulnerabilities

Vulnerable Software

Vmware: >> Spring Data Rest >> 3.5.1 Security Vulnerabilities

Products

Pricing

Contact Us