Nepxion Discovery is an enhanced middleware for service registration discovery for Spring Cloud. Nepxion Discovery 6.16.2 and earlier versions are vulnerable to a remote code execution vulnerability that stems from a lack of validation of input data in Discovery-commons and is susceptible to SpEL injection attacks The vulnerability can be exploited by an attacker to cause remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
nepxion discovery | le | 6.16.2 |