Spring Cloud Config Server – CVE-2020-5410

Description

Kayran has detected that the Version of Spring Cloud Config Server being used is vulnerable to Directory Traversal.
The current and older unsupported versions could allow applications to serve arbitrary configuration files via the ‘spring-cloud-config-server’ module.

CVE-2020-5410 is categorized as a ‘Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)’ vulnerability (CWE-22).
These Vulnerabilities occur when the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory.
But in fact, the software does not properly neutralize special elements within the pathname that can cause it to resolve to a location that is outside of the restricted directory.

Attackers could abuse this to send a request using a specific crafted URL that can lead to Directory Traversal attacks against your assets.
That will assist attackers in obtaining sensitive information (Information Disclosure).

Recommendation

To fix CVE-2020-5410, upgrade the version of Spring Cloud Config Server being used to either 2.1.9 or 2.2.3.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5410

https://cwe.mitre.org/data/definitions/22.html

https://cwe.mitre.org/data/definitions/23.html

< Return to all Vulnerabilities

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »