CVE-2020-5410
VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability
- Severity Score: -
- Exploit Likelihood: -
- Affected Versions: see table below
- Public Exploits: 1
- Exploited in Wild: Yes
- Decision: -
Descriptions
Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
A flaw was found in spring-cloud-config in versions prior to 2.1.9 and 2.2.3. Applications are allowed to serve arbitrary configuration files through the spring-cloud-config-server module allowing an attacker to send a request using a specially crafted URL to create a directory traversal attack. The highest threat from this vulnerability is to data confidentiality.
Spring Cloud Config, by VMware Tanzu, contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.
Timeline
- 2020-01-03 CVE Reserved
- 2020-06-02 CVE Published
- 2020-06-16 First Exploit
- 2022-03-25 Exploited in Wild
- 2022-04-15 KEV Due Date
- 2024-09-16 CVE Updated
- 2024-10-29 EPSS Updated
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-23: Relative Path Traversal
References (5)
URL | Date | Source |
---|---|---|
https://xz.aliyun.com/t/7877 | - | - |
https://github.com/osamahamad/CVE-2020-5410-POC | 2020-06-16 | - |
https://tanzu.vmware.com/security/cve-2020-5410 | 2020-06-01 | - |
https://access.redhat.com/security/cve/CVE-2020-5410 | 2021-08-11 | - |
https://bugzilla.redhat.com/show_bug.cgi?id=1845626 | 2021-08-11 | - |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Vmware | Spring Cloud Config | >= 2.1.0 < 2.1.9 | - | Affected |
Vmware | Spring Cloud Config | >= 2.2.0 < 2.2.3 | - | Affected |