4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.2%
CRLF injection vulnerability in the logout functionality in VMware
SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows
remote attackers to inject arbitrary HTTP headers and conduct HTTP response
splitting attacks via the spring-security-redirect parameter.