Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"fixed": "2.17.56"
}
],
"vendor_product": "netapp:management_services_for_element_software_and_netapp_hci",
"source": "CPE_RANGE"
},
{
"cpes": [
"cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "12.2"
}
],
"vendor_product": "netapp:solidfire_&_hci_management_node",
"source": "CPE_RANGE"
}
]
}{
"cpe": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.3.2"
}
],
"source": "CPE_RANGE"
}