![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Cyberattacks Escalate in Middle East Due to Rising Tension Between Nations
April 16, 2024![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Threat Actor Claims to Sell Database of Mossad and Israeli Ministry of Foreign Affairs
April 17, 2024![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Cyberattacks Escalate in Middle East Due to Rising Tension Between Nations
April 16, 2024![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Threat Actor Claims to Sell Database of Mossad and Israeli Ministry of Foreign Affairs
April 17, 2024Severity
High
Analysis Summary
CVE-2024-22262
VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in UriComponentsBuilder. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites.
Impact
- Information Theft
Indicators of Compromise
CVE
- CVE-2024-22262
Affected Vendors
Affected Products
- VMware Tanzu Spring Framework 5.3.0
- VMware Tanzu Spring Framework 6.0.0
- VMware Tanzu Spring Framework 6.1.0
- VMware Tanzu Spring Framework 5.3.33
- VMware Tanzu Spring Framework 6.0.18
- VMware Tanzu Spring Framework 6.1.5
Remediation
Refer to VMware Security Advisories for patch, upgrade or suggested workaround information.