Rewterz Threat Advisory – CVE-2023-51123 – D-Link dir815 Vulnerability
January 23, 2024Rewterz Threat Alert –ScarCruft APT Targets Security Experts for Gathering Strategic Intelligence – Active IOCs
January 23, 2024Rewterz Threat Advisory – CVE-2023-51123 – D-Link dir815 Vulnerability
January 23, 2024Rewterz Threat Alert –ScarCruft APT Targets Security Experts for Gathering Strategic Intelligence – Active IOCs
January 23, 2024Severity
High
Analysis Summary
CVE-2024-22233
VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by a flaw when application uses Spring MVC and Spring Security 6.1.6+ or 6.2.1+ is on the classpath. By sending specially crafted HTTP requests, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2024-22233
Affected Vendors
VMware
Affected Products
- VMware Tanzu Spring Framework 6.0.15
- VMware Tanzu Spring Framework 6.1.2
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.