- Description
- A malicious or compromised FTP/SFTP/SMB server can write arbitrary files anywhere on the client filesystem (outside the configured local-directory) with attacker-controlled content. Affected versions: Spring Integration 7.0.0 through 7.0.4; 6.5.0 through 6.5.8; 6.4.0 through 6.4.11; 6.3.0 through 6.3.14; 5.5.0 through 5.5.20.
- Source
- security@vmware.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.1
- Impact score
- 5.3
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L
- Severity
- HIGH
- security@vmware.com
- CWE-22
- Hype score
- Not currently trending