CVE-2015-5211 vulnerability in VMware and Other Products
Published on May 25, 2017
Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.
Products Associated with CVE-2015-5211
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-5211 are published in these products:
Exploit Probability
EPSS
1.92%
Percentile
83.30%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.