Is CVE-2020-5410 in the CISA Known Exploited Vulnerabilities catalog?

Yes — CVE-2020-5410 is listed in CISA KEV, remediation due 2022-04-15.

CISA Known Exploited Vulnerability

CVE-2020-5410

Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.

⚠ Actively exploited (CISA KEV) Spring 2020

CISA catalog entry

Product

Spring Cloud Configuration (Config) Server

Vendor

VMware Tanzu

Added to KEV

2022-03-25

Remediation due

2022-04-15

CVE-2020-5410 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.

Related vulnerabilities

CVE-2026-9319 CVE-2026-9311 CVE-2026-8644 CVE-2026-40994 CVE-2026-40987 CVE-2022-22965 CVE-2022-22963 CVE-2022-22947