← back
CVE-2020-5428

Possibility of SQL Injection in Spring Cloud Task Execution Sorting Query

CVSS 5.1 MEDIUMEPSS 0.5%CWE-89
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L
Affected products
Spring by VMware · Spring Cloud Task

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://tanzu.vmware.com/security/cve-2020-5428