Spring Cloud Config Server – CVE-2020-5410

Description

Kayran has detected that the Version of Spring Cloud Config Server being used is vulnerable to Directory Traversal.
The current and older unsupported versions could allow applications to serve arbitrary configuration files via the ‘spring-cloud-config-server’ module.

CVE-2020-5410 is categorized as a ‘Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)’ vulnerability (CWE-22).
These Vulnerabilities occur when the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory.
But in fact, the software does not properly neutralize special elements within the pathname that can cause it to resolve to a location that is outside of the restricted directory.

Attackers could abuse this to send a request using a specific crafted URL that can lead to Directory Traversal attacks against your assets.
That will assist attackers in obtaining sensitive information (Information Disclosure).

Recommendation

To fix CVE-2020-5410, upgrade the version of Spring Cloud Config Server being used to either 2.1.9 or 2.2.3.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5410

https://cwe.mitre.org/data/definitions/22.html

https://cwe.mitre.org/data/definitions/23.html

< Return to all Vulnerabilities

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

Blue Team

We’ve talked about The Red Team before, but what about The Blue Team? How is this group different from the red one? Why would we

Read More »