Security scan shows NSX as vulnerable to Pivotal Software Spring Data Commons: CVE-2018-1273: Improper Control of Generation of Code
search cancel

Security scan shows NSX as vulnerable to Pivotal Software Spring Data Commons: CVE-2018-1273: Improper Control of Generation of Code

book

Article ID: 409995

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

A security vulnerability scan may produce a positive result for CVE-2018-1273: Improper Control of Generation of Code

Environment

  • VMware NSX

Cause

Some security vulnerability scanning tools may report a false positive result for CVE-2018-1273: Improper Control of Generation of Code when scanning NSX.

This may be due to the tool detecting other Spring libraries in use that aren't affected by this issue.  

Resolution

NSX does not use the Spring Data Commons libraries and is not vulnerable to CVE-2018-1273: Improper Control of Generation of Code.  If you are seeing this in your security scan, please consult your security tool vendor.

Additional Information

For information on the vulnerability, please see https://spring.io/security/cve-2018-1273

Powered by Wolken Software