CVE-2020-5405 – org.springframework.cloud:spring-cloud-config-server

Package

Manager: maven
Name: org.springframework.cloud:spring-cloud-config-server
Vulnerable Version: >=2.1.0 <2.1.7 || >=2.2.0 <2.2.2

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.69694 pctl0.9861

Details

Directory traversal attack in Spring Cloud Config Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.

Metadata

Created: 2020-06-05T16:11:36Z
Modified: 2021-08-25T22:01:25Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/06/GHSA-g86w-v5vg-9gxf/GHSA-g86w-v5vg-9gxf.json
CWE IDs: ["CWE-22", "CWE-23"]
Alternative ID: GHSA-g86w-v5vg-9gxf
Finding: F063
Auto approve: 1