Search Results

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • CPE Vendor: cpe:/:pivotal_software
  • CPE Product: cpe:/:pivotal_software:spring_framework
  • CPE Product Version: cpe:/:pivotal_software:spring_framework:4.3.26
There is 1 matching record.
Displaying matches 1 through 1.
Vuln ID: CVE-2020-5421
Summary: In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
Published: September 19, 2020; 12:15:11 AM -0400
CVSS Severity:
  • V3.1: 6.5 MEDIUM
  • V2.0: 3.6 LOW