ID de Prueba:	1.3.6.1.4.1.25623.1.0.113997
Categoría:	Denial of Service
Título:	VMware Spring Framework < 5.2.22, 5.3.x < 5.3.20 Multiple DoS Vulnerabilities - Windows
Resumen:	The VMware Spring Framework is prone to multiple denial of; service (DoS) vulnerabilities.
Descripción:	Summary: The VMware Spring Framework is prone to multiple denial of service (DoS) vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2022-22970: Spring Framework DoS via Data Binding to MultipartFile or Servlet Part Denial of Service (DoS) attack in Spring MVC or Spring WebFlux applications that handle file uploads and rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. - CVE-2022-22971: Spring Framework DoS with STOMP over WebSocket Denial of service (DoS) attack by authenticated users in Spring applications with a STOMP over WebSocket endpoint. Affected Software/OS: VMware Spring Framework versions prior to 5.2.22 and 5.3.x prior to 5.3.20. Solution: Update to version 5.2.22, 5.3.20 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-22970 https://security.netapp.com/advisory/ntap-20220616-0006/ https://tanzu.vmware.com/security/cve-2022-22970 https://www.oracle.com/security-alerts/cpujul2022.html Common Vulnerability Exposure (CVE) ID: CVE-2022-22971 https://security.netapp.com/advisory/ntap-20220616-0003/ https://tanzu.vmware.com/security/cve-2022-22971
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.