VMware offers training and certification to turbo-charge your progress.Learn more
When processing authorization requests using the whitelabel views, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.
Users of affected versions should apply the following mitigation:
This issue was found by David Vieira-Kurz (@secalert) and reported by Oliver Schoenherr on behalf of Immobilien Scout GmbH.
The VMware Security Response team provides a single point of contact for the reporting of security vulnerabilities in VMware Tanzu products and coordinates the process of investigating any reported vulnerabilities.
To report a security vulnerability in a VMware service or product please refer to the VMware Security Response Policy.