CVE-2020-5398
Published at:
-
17-01-2020 01:15
Last modified:
-
25-07-2022 08:15
Total changes:
-
17
Description
Common Vulnerability Scoring System (CVSS)
High
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
Required
User interaction
7.5
Base score
1.6
5.9
Exploitability score
Impact score
Verification logic
Reference
- https://pivotal.io/security/cve-2020-5398
- [camel-commits] 20200220 [camel] branch camel-2.25.x updated: Updating Spring due to CVE-2020-5398-Mailing List, Third Party Advisory
- [geode-dev] 20200410 Proposal to bring GEODE-7970 to support/1.12-Mailing List, Third Party Advisory
- [geode-dev] 20200410 Re: Proposal to bring GEODE-7970 to support/1.12-Mailing List, Third Party Advisory
- N/A-Third Party Advisory
- [karaf-issues] 20200514 [jira] [Updated] (KARAF-6721) Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200514 [GitHub] [karaf] coheigea opened a new pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200514 [jira] [Created] (KARAF-6721) Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200514 [jira] [Commented] (KARAF-6721) Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200514 [GitHub] [karaf] skitt commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200514 [GitHub] [karaf] coheigea commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200517 [jira] [Assigned] (KARAF-6721) Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200517 [jira] [Updated] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200517 [jira] [Updated] (KARAF-6721) Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200517 [GitHub] [karaf] jbonofre commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200517 [GitHub] [karaf] jbonofre commented on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200517 [jira] [Commented] (KARAF-6721) Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200518 [GitHub] [karaf] jbonofre removed a comment on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200518 [jira] [Commented] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200518 [GitHub] [karaf] jbonofre commented on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200518 [karaf] branch karaf-4.2.x updated: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-issues] 20200518 [jira] [Resolved] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200518 [GitHub] [karaf] jbonofre merged pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- [karaf-commits] 20200518 [karaf] branch master updated: KARAF-6721 - Update Spring versions due to CVE-2020-5398-Mailing List, Third Party Advisory
- https://lists.apache.org/thread.html/r712a6fce928e24e7b6ec30994a7e115a70f1f6e4cf2c2fbf0347ce46@%3Ccommits.servicecomb.apache.org%3E
- https://lists.apache.org/thread.html/ra996b56e1f5ab2fed235a8b91fa0cc3cf34c2e9fee290b7fa4380a0d@%3Ccommits.servicecomb.apache.org%3E
- https://lists.apache.org/thread.html/r881fb5a95ab251106fed38f836257276feb026bfe01290e72ff91c2a@%3Ccommits.servicecomb.apache.org%3E
- https://www.oracle.com/security-alerts/cpujul2020.html
- [ambari-issues] 20201013 [jira] [Created] (AMBARI-25571) Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421-Mailing List, Third Party Advisory
- [ambari-commits] 20201019 [ambari] branch branch-2.7 updated: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 (dlysnichenko) (#3246)-Mailing List, Third Party Advisory
- [ambari-dev] 20201019 [GitHub] [ambari] dlysnichenko opened a new pull request #3246: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421-Mailing List, Third Party Advisory
- [ambari-dev] 20201019 [GitHub] [ambari] dlysnichenko merged pull request #3246: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421-Mailing List, Third Party Advisory
- https://www.oracle.com/security-alerts/cpuoct2020.html
- [ambari-issues] 20201021 [jira] [Resolved] (AMBARI-25571) Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421-Mailing List, Third Party Advisory
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://lists.apache.org/thread.html/rded5291e25a4c4085a6d43cf262e479140198bf4eabb84986e0a1ef3@%3Cdev.rocketmq.apache.org%3E
- https://lists.apache.org/thread.html/r27552d2fa10d96f2810c50d16ad1fd1899e37796c81a0c5e7585a02d@%3Cdev.rocketmq.apache.org%3E
- [rocketmq-dev] 20210317 [GitHub] [rocketmq-externals] vongosling commented on issue #690: Spring Framework CVE-2020-5398-Mailing List, Third Party Advisory
- https://lists.apache.org/thread.html/r645408661a8df9158f49e337072df39838fa76da629a7e25a20928a6@%3Cdev.rocketmq.apache.org%3E
- https://www.oracle.com/security-alerts/cpuApr2021.html
- N/A-Patch, Third Party Advisory
- https://security.netapp.com/advisory/ntap-20210917-0006/
- https://www.oracle.com/security-alerts/cpuoct2021.html
- N/A-
Keywords