Check is using Ping (VMware Spring Cloud Function)

The VMware Spring Cloud Function < 3.1.7, 3.2.x < 3.2.3 RCE Vulnerability - Active Check (1.3.6.1.4.1.25623.1.0.148068) is trying to trick the scanned machine into sending a ping back to GVM:

HTTP "spring.cloud.function.routing-expression" header: T(java.lang.Runtime).getRuntime().exec("ping -c 5 GVM")

This is suboptimal: My machine has nothing to do with VMware but happens to be running a network inventory tool which occasionally pings GVM…

Generally all results of automated scanning tools / scanners need to be verified manually:

e.g. some procedures required to check a specific vulnerability (as done in the VT in question) might not work against specific environments / targets (like the target in question sending pings back to the scanner host).

If such a manual verification was done here and it turned out that the target in question is indeed not affected, it is suggested to create an “Override” as described here, because this seems to be a quite specific case:

https://docs.greenbone.net/GSM-Manual/gos-22.04/en/reports.html#using-overrides-and-false-positives

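One way to do the manual verification the reply above asks for, as an added example that is not part of the original thread and not code from the Greenbone VT: capture ICMP echo requests on the scanner host (here constructed sample lines in the style of `tcpdump -tttt -n icmp`) and check whether pings from the target arrive only inside the VT's probe window as a `ping -c 5` burst, or also outside it, which is what an inventory tool that polls the scanner would produce. The addresses, timestamps, scan window and the ten-second burst threshold are assumptions chosen for the example.

```python
import re
from datetime import datetime, timedelta

# Constructed sample (not a real capture) in the format `tcpdump -tttt -n icmp` prints.
# 10.0.0.5  = the GVM scanner host
# 10.0.0.23 = a host whose inventory tool pings the scanner every 10 minutes (assumed)
# 10.0.0.77 = a host that answers the VT's probe with the `ping -c 5` burst (assumed)
SAMPLE_CAPTURE = """\
2024-05-01 10:00:00.102311 IP 10.0.0.23 > 10.0.0.5: ICMP echo request, id 7, seq 1, length 64
2024-05-01 10:00:00.102900 IP 10.0.0.5 > 10.0.0.23: ICMP echo reply, id 7, seq 1, length 64
2024-05-01 10:10:00.117402 IP 10.0.0.23 > 10.0.0.5: ICMP echo request, id 7, seq 2, length 64
2024-05-01 10:10:05.004210 IP 10.0.0.77 > 10.0.0.5: ICMP echo request, id 9, seq 1, length 64
2024-05-01 10:10:06.005118 IP 10.0.0.77 > 10.0.0.5: ICMP echo request, id 9, seq 2, length 64
2024-05-01 10:10:07.006033 IP 10.0.0.77 > 10.0.0.5: ICMP echo request, id 9, seq 3, length 64
2024-05-01 10:10:08.007291 IP 10.0.0.77 > 10.0.0.5: ICMP echo request, id 9, seq 4, length 64
2024-05-01 10:10:09.008117 IP 10.0.0.77 > 10.0.0.5: ICMP echo request, id 9, seq 5, length 64
2024-05-01 10:20:00.120044 IP 10.0.0.23 > 10.0.0.5: ICMP echo request, id 7, seq 3, length 64
2024-05-01 10:30:00.121377 IP 10.0.0.23 > 10.0.0.5: ICMP echo request, id 7, seq 4, length 64
"""

SCANNER_IP = "10.0.0.5"
# Assumed window during which the VT sent its routing-expression probe to the targets
# (take it from the scan report / scanner logs in a real verification).
SCAN_START = datetime(2024, 5, 1, 10, 9, 30)
SCAN_END = datetime(2024, 5, 1, 10, 11, 0)

# Only echo *requests* addressed to the scanner matter; replies are ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+) IP "
    r"(?P<src>[\d.]+) > (?P<dst>[\d.]+): ICMP echo request"
)


def parse_echo_requests(capture_text, scanner_ip):
    """Return [(timestamp, source_ip)] for every echo request sent to the scanner."""
    events = []
    for line in capture_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m.group("dst") != scanner_ip:
            continue
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S.%f")
        events.append((ts, m.group("src")))
    return events


def has_burst(timestamps, count=5, span=timedelta(seconds=10)):
    """True if `count` pings fall within `span` (ping -c 5 sends one per second)."""
    ts = sorted(timestamps)
    for i in range(len(ts) - count + 1):
        if ts[i + count - 1] - ts[i] <= span:
            return True
    return False


def assess_callback(events, target_ip, scan_start, scan_end):
    """Classify pings from one target relative to the VT's probe window."""
    inside = [t for t, src in events if src == target_ip and scan_start <= t <= scan_end]
    outside = [t for t, src in events if src == target_ip and not (scan_start <= t <= scan_end)]
    burst = has_burst(inside)
    if not inside:
        verdict = "no_callback"
    elif outside:
        # The host pings the scanner regardless of the probe: the out-of-band
        # check cannot tell a callback from background traffic here.
        verdict = "inconclusive_background_pings"
    elif burst:
        verdict = "callback_burst"
    else:
        verdict = "sparse_pings_in_window"
    return {"inside": len(inside), "outside": len(outside), "burst": burst, "verdict": verdict}


def summarise(capture_text, scanner_ip, target_ips, scan_start, scan_end):
    """Run the assessment for every target the scanner flagged."""
    events = parse_echo_requests(capture_text, scanner_ip)
    return {ip: assess_callback(events, ip, scan_start, scan_end) for ip in target_ips}


if __name__ == "__main__":
    for ip, result in summarise(SAMPLE_CAPTURE, SCANNER_IP,
                                ["10.0.0.23", "10.0.0.77", "10.0.0.99"],
                                SCAN_START, SCAN_END).items():
        print(ip, result)
```

An `inconclusive_background_pings` verdict is the situation in this thread: the host pings the scanner on its own schedule, so a ping landing in the probe window proves nothing and an in-band re-test or an override is the next step, whereas `callback_burst` (five requests within a few seconds and nothing outside the window) is what a real callback from the VT's payload looks like.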

Sure, I created a temporary override for this.

Just wanted to point out that this check could be improved…


We are always happy to receive specific improvement suggestions.

But in this case we don’t see any need, as changing the way the check is done would e.g. risk missing detections on other actually vulnerable targets just to avoid reporting on a quite specific environment.
