Denial-of-Service Vulnerability in Spring Boot by VMware
CVE-2023-20883

7.5HIGH

Key Information:

Vendor: Vmware
Status: Spring Boot
Vendor: CVE Published:; 26 May 2023

What is CVE-2023-20883?

A vulnerability exists in various versions of Spring Boot where the combination of Spring MVC and a reverse proxy cache may lead to a denial-of-service (DoS) attack. This can allow attackers to exploit the affected application, causing potential service disruptions and unavailability. Users are encouraged to review their versions and apply security updates as necessary to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Spring Boot Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions

References

https://spring.io/security/cve-2023-20883

https://security.netapp.com/advisory/ntap-20230703-0008/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 26, 2023
Vulnerability Reserved
Nov 1, 2022

JSON

Vmware

What is CVE-2023-20883?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.