VMware Spring Boot Predictable Temporary Directory Vulnerability Allowing Session Hijacking and Code Execution

Vulnerability

A vulnerability exists in VMware Spring Boot versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32. When the 'server.servlet.session.persistent' setting is enabled, a local attacker on the same host as the application can exploit the predictable temporary directory used by 'ApplicationTemp' and the weakness in how its ownership is verified. This could give the attacker unauthorized access to session information, allowing them to hijack authenticated users' sessions or, by deploying a gadget chain, execute code as the application's user.

Impact

Exploitation of this vulnerability could result in session hijacking of authenticated users and unauthorized code execution as the application's user.

Remediation

Users should upgrade to Spring Boot 4.0.6, 3.5.14, 3.4.16 (Enterprise Support Only), 3.3.19 (Enterprise Support Only) or 2.7.33 (Enterprise Support Only).
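As an added triage helper (not code from the advisory or from the Spring Boot project), the script below encodes the affected and fixed version lines listed above, reads the Spring Boot library version out of an executable jar's entry listing, and reports an application as exposed only when it is both on an affected version and has the 'server.servlet.session.persistent' setting enabled. It assumes the standard executable-jar layout with libraries under BOOT-INF/lib and a plain application.properties file; the sample listing and properties are constructed.

```python
# Triage helper for this advisory: version classification plus the exposing setting check.
import re
# Per minor line: (first affected, last affected, first fixed), as listed in the advisory.
VERSION_LINES = {
    (4, 0): ((4, 0, 0), (4, 0, 5), (4, 0, 6)),
    (3, 5): ((3, 5, 0), (3, 5, 13), (3, 5, 14)),
    (3, 4): ((3, 4, 0), (3, 4, 15), (3, 4, 16)),
    (3, 3): ((3, 3, 0), (3, 3, 18), (3, 3, 19)),
    (2, 7): ((2, 7, 0), (2, 7, 32), (2, 7, 33)),
}

def classify(version):
    """Return 'affected', 'fixed' or 'not-listed' (a line the advisory does not cover)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)  # any pre-release qualifier is ignored
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    v = tuple(int(x) for x in m.groups())
    line = VERSION_LINES.get(v[:2])
    if line is None:
        return "not-listed"  # not a statement of safety, just outside the advisory's scope
    first, last, fixed = line
    if first <= v <= last:
        return "affected"
    return "fixed" if v >= fixed else "not-listed"

def spring_boot_version_from_entries(entries):
    """Spring Boot library version from an executable jar's entry names (zipfile.namelist())."""
    for name in entries:
        m = re.fullmatch(r"BOOT-INF/lib/spring-boot-(\d+\.\d+\.\d+)\.jar", name)
        if m:
            return m.group(1)
    return None

def persistent_sessions_enabled(properties_text):
    """True when application.properties sets server.servlet.session.persistent=true."""
    for raw in properties_text.splitlines():
        key, _, value = raw.partition("=")
        if key.strip() == "server.servlet.session.persistent":
            return value.strip().lower() == "true"
    return False

def triage(entries, properties_text):
    """(version, status, exposed): exposed only if affected and persistent sessions are on."""
    version = spring_boot_version_from_entries(entries)
    status = classify(version) if version else "unknown"
    return version, status, status == "affected" and persistent_sessions_enabled(properties_text)
# Constructed sample input (not a real deployment): a fat-jar listing and its properties.
SAMPLE_ENTRIES = ["BOOT-INF/classes/application.properties", "BOOT-INF/lib/spring-boot-3.5.13.jar"]
SAMPLE_PROPERTIES = "server.port=8080\nserver.servlet.session.persistent=true\n"
```

The jar check only covers executable jars packaged with BOOT-INF/lib; war or exploded deployments need the version taken from another source, and a 'not-listed' result means the advisory says nothing about that line, not that it is safe.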

Added: Apr 28, 2026, 12:32 AM
Updated: Apr 28, 2026, 12:32 AM

Vulnerability Rating

Custom Algorithm
spread: 7.6
impact: 7.5
exploitability: 3.0
remediation: 7.7
relevance: 6.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.