CISA Known Exploited Vulnerability

CVE-2018-1273 Ransomware

VMware Tanzu · Spring Data Commons

VMware Tanzu Spring Data Commons Property Binder Vulnerability

Date added 2022-03-25

BOD 22-01 due date 2022-04-15

CWE CWE-94

Ransomware Known

CISA description

Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.

Apply updates per vendor instructions.

Vulnerability data triggers these controls during assessment and continuous monitoring.