CVE-2024-38820 | VMware Spring up to 5.3.40/6.0.24/6.1.13 DataBinder String.toLowerCase access control

CVE-2024-38820 | VMware Spring up to 5.3.40/6.0.24/6.1.13 DataBinder String.toLowerCase access control

A vulnerability was found in VMware Spring up to 5.3.40/6.0.24/6.1.13. It has been declared as problematic. Affected by this vulnerability is the function String.toLowerCase of the component DataBinder. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-38820. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.