Lucene search
+L

6 matches found

Check Point Advisories
Check Point Advisories
added 2021/12/27 12:0 a.m.54 views

VMware Spring Cloud Netflix Remote Code Execution (CVE-2021-22053)

A remote code execution vulnerability exists in VMware Spring Cloud Netflix. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.7AI score0.13035EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/11/23 5:53 p.m.6 views

cn.iisme.cloud:iisme-demos-nacos-web (=1.0.1), cn.iisme:iisme-demos-nacos-web (=1.0.0) +26 more potentially affected by CVE-2021-22053 via org.springframework.cloud:spring-cloud-netflix-hystrix-dashboard (>=1.0.0.RELEASE <=2.2.0.RELEASE)

org.springframework.cloud:spring-cloud-netflix-hystrix-dashboard MAVEN version =1.0.0.RELEASE, =3.0.0, =1.1.0, =1.1.0, =1.0, =1.0, =1.0.4, =1.0.1, =1.0.0, =1.0.0, =1.0.3 and more Source cves: CVE-2021-22053 Source advisory: OSV:GHSA-GX3F-HQ7P-8FXV...

8.8CVSS7.1AI score0.13035EPSS
Exploits0
Circl
Circl
added 2021/11/19 6:23 p.m.127 views

CVE-2021-22053

creationtimestamp| type| source ---|---|--- 2021-11-19 18:23:23+00:00| seen| https://t.me/cibsecurity/32701 2021-11-22 09:30:27+00:00| published-proof-of-concept| https://t.me/hackertrick/464 2021-11-22 10:37:29+00:00| published-proof-of-concept| https://t.me/BlueRedTeam/1205 2021-11-22...

8.8CVSS7AI score0.13035EPSS
In wildExploits0References7
NVD
NVD
added 2021/11/19 4:15 p.m.67 views

CVE-2021-22053

Applications using both spring-cloud-netflix-hystrix-dashboard and spring-boot-starter-thymeleaf expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at /hystrix/monitor;user-provided data, the path elements following...

8.8CVSS0.13035EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/19 3:56 p.m.76 views

CVE-2021-22053

Applications using both spring-cloud-netflix-hystrix-dashboard and spring-boot-starter-thymeleaf expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at /hystrix/monitor;user-provided data, the path elements following...

9.2AI score0.13035EPSS
Exploits0References1
CVE
CVE
added 2021/11/19 3:56 p.m.149 views

CVE-2021-22053

CVE-2021-22053 affects Spring Cloud Netflix Hystrix Dashboard prior to 2.2.10 when used with spring-boot-starter-thymeleaf. The vulnerability arises because request URI path data is evaluated as SpringEL expressions during view template resolution (example: /hystrix/monitor;[data]), enabling remo...

8.8CVSS8.8AI score0.13035EPSS
In wildExploits0References1Affected Software1
Rows per page
Query Builder