Vulnerability Details CVE-2020-5428
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.8%
CVSS Severity
CVSS v3 Score 5.1
CVSS v2 Score 6.5
References
Products affected by CVE-2020-5428
-
cpe:2.3:a:vmware:spring_cloud_task:1.0.0
-
cpe:2.3:a:vmware:spring_cloud_task:1.0.1
-
cpe:2.3:a:vmware:spring_cloud_task:1.0.2
-
cpe:2.3:a:vmware:spring_cloud_task:1.0.3
-
cpe:2.3:a:vmware:spring_cloud_task:1.1.0
-
cpe:2.3:a:vmware:spring_cloud_task:1.1.1
-
cpe:2.3:a:vmware:spring_cloud_task:1.1.2
-
cpe:2.3:a:vmware:spring_cloud_task:1.2.0
-
cpe:2.3:a:vmware:spring_cloud_task:1.2.1
-
cpe:2.3:a:vmware:spring_cloud_task:1.2.2
-
cpe:2.3:a:vmware:spring_cloud_task:1.2.3
-
cpe:2.3:a:vmware:spring_cloud_task:1.2.4
-
cpe:2.3:a:vmware:spring_cloud_task:1.3.0
-
cpe:2.3:a:vmware:spring_cloud_task:1.3.1
-
cpe:2.3:a:vmware:spring_cloud_task:2.0.0
-
cpe:2.3:a:vmware:spring_cloud_task:2.0.1
-
cpe:2.3:a:vmware:spring_cloud_task:2.0.2
-
cpe:2.3:a:vmware:spring_cloud_task:2.1.0
-
cpe:2.3:a:vmware:spring_cloud_task:2.1.1
-
cpe:2.3:a:vmware:spring_cloud_task:2.1.2
-
cpe:2.3:a:vmware:spring_cloud_task:2.1.3
-
cpe:2.3:a:vmware:spring_cloud_task:2.1.4
-
cpe:2.3:a:vmware:spring_cloud_task:2.2.0
-
cpe:2.3:a:vmware:spring_cloud_task:2.2.1
-
cpe:2.3:a:vmware:spring_cloud_task:2.2.2
-
cpe:2.3:a:vmware:spring_cloud_task:2.2.3
-
cpe:2.3:a:vmware:spring_cloud_task:2.2.4