claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2020-5410-vmware-tanzu-spring-cloud-configuration-config-server.log

CVE-2020-5410 — VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability

2022-03-25 • CISA Known Exploited Vulnerability

[event] Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.

> AFFECTED SOFTWARE

Field Value
Vendor VMware Tanzu
Product Spring Cloud Configuration (Config) Server
CWE CWE-23
CVE ID CVE-2020-5410
Date Added 2022-03-25
Due Date 2022-04-15
Ransomware Campaign Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-04-15

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:13 UTC