Vulnerabilities related to vmware - spring_cloud_config
cve-2020-5405
Vulnerability from cvelistv5
Published
2020-03-05 19:00
Modified
2024-09-16 22:36
Summary
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
References
| URL | Tags |
|---|---|
| https://pivotal.io/security/cve-2020-5405 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Spring by VMware | Spring Cloud Config | 2.2 < 2.2.2; 2.1 < 2.1.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:30:24.557Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://pivotal.io/security/cve-2020-5405", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Spring Cloud Config", vendor: "Spring by VMware", versions: [ { lessThan: "2.2.2", status: "affected", version: "2.2", versionType: "custom", }, { lessThan: "2.1.7", status: "affected", version: "2.1", versionType: "custom", }, ], }, ], datePublic: "2020-03-05T00:00:00", descriptions: [ { lang: "en", value: "Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "CWE-23: Relative Path Traversal", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-05T19:00:19", orgId: "862b2186-222f-48b9-af87-f1fb7bb26d03", shortName: "pivotal", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://pivotal.io/security/cve-2020-5405", }, ], source: { discovery: "UNKNOWN", }, title: "Directory Traversal with spring-cloud-config-server", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@pivotal.io", DATE_PUBLIC: "2020-03-05T00:00:00.000Z", ID: "CVE-2020-5405", STATE: "PUBLIC", TITLE: "Directory Traversal with spring-cloud-config-server", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Spring Cloud Config", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "2.2", version_value: "2.2.2", }, { affected: "<", version_affected: "<", version_name: "2.1", version_value: "2.1.7", }, ], 
}, }, ], }, vendor_name: "Spring by VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-23: Relative Path Traversal", }, ], }, ], }, references: { reference_data: [ { name: "https://pivotal.io/security/cve-2020-5405", refsource: "CONFIRM", url: "https://pivotal.io/security/cve-2020-5405", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "862b2186-222f-48b9-af87-f1fb7bb26d03", assignerShortName: "pivotal", cveId: "CVE-2020-5405", datePublished: "2020-03-05T19:00:19.429999Z", dateReserved: "2020-01-03T00:00:00", dateUpdated: "2024-09-16T22:36:28.048Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20859
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2025-02-25 15:40
Summary
In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| n/a | Spring Vault, Spring Cloud Vault, Spring Cloud Config | Spring Vault (3.0.0 to 3.0.1, 2.3.0 to 2.3.2), Spring Cloud Vault (4.0.0, 3.1.0 to 3.1.2 and older versions), Spring Cloud Config (4.0.0 to 4.0.1, 3.1.0 to 3.1.6 and older versions) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:21:32.442Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://spring.io/security/cve-2023-20859", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20859", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-25T15:40:11.169973Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-25T15:40:28.087Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Spring Vault, Spring Cloud Vault, Spring Cloud Config", vendor: "n/a", versions: [ { status: "affected", version: "Spring Vault (3.0.0 to 3.0.1, 2.3.0 to 2.3.2), Spring Cloud Vault (4.0.0, 3.1.0 to 3.1.2 and older versions), Spring Cloud Config (4.0.0 to 4.0.1, 3.1.0 to 3.1.6 and older versions)", }, ], }, ], descriptions: [ { lang: "en", value: "In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.", }, ], problemTypes: [ { descriptions: [ { description: "Information disclosure vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-23T00:00:00.000Z", orgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", shortName: "vmware", }, references: [ { url: "https://spring.io/security/cve-2023-20859", }, ], }, }, cveMetadata: { assignerOrgId: "dcf2e128-44bd-42ed-91e8-88f912c1401d", assignerShortName: "vmware", cveId: "CVE-2023-20859", datePublished: "2023-03-23T00:00:00.000Z", dateReserved: "2022-11-01T00:00:00.000Z", dateUpdated: "2025-02-25T15:40:28.087Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: 
"5.1", }
cve-2020-5410
Vulnerability from cvelistv5
Published
2020-06-02 16:50
Modified
2025-02-07 12:44
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
References
| URL | Tags |
|---|---|
| https://tanzu.vmware.com/security/cve-2020-5410 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Spring by VMware | Spring Cloud Config | 2.1 < 2.1.9; 2.2 < 2.2.3 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:30:24.192Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tanzu.vmware.com/security/cve-2020-5410", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2020-5410", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T12:43:59.584737Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-03-25", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-5410", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-07T12:44:18.402Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Spring Cloud Config", vendor: "Spring by VMware", versions: [ { lessThan: "2.1.9", status: "affected", version: "2.1", versionType: "custom", }, { lessThan: "2.2.3", status: "affected", version: "2.2", versionType: "custom", }, ], }, ], datePublic: "2020-06-01T00:00:00.000Z", descriptions: [ { lang: "en", value: "Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. 
A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-23", description: "CWE-23: Relative Path Traversal", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-02T16:50:11.000Z", orgId: "862b2186-222f-48b9-af87-f1fb7bb26d03", shortName: "pivotal", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tanzu.vmware.com/security/cve-2020-5410", }, ], source: { discovery: "UNKNOWN", }, title: "Directory Traversal with spring-cloud-config-server", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@pivotal.io", DATE_PUBLIC: "2020-06-01T00:00:00.000Z", ID: "CVE-2020-5410", STATE: "PUBLIC", TITLE: "Directory Traversal with spring-cloud-config-server", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Spring Cloud Config", version: { version_data: [ { version_affected: "<", version_name: "2.1", version_value: "2.1.9", }, { version_affected: "<", version_name: "2.2", version_value: "2.2.3", }, ], }, }, ], }, vendor_name: "Spring by VMware", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. 
A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.", }, ], }, impact: null, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-23: Relative Path Traversal", }, ], }, ], }, references: { reference_data: [ { name: "https://tanzu.vmware.com/security/cve-2020-5410", refsource: "CONFIRM", url: "https://tanzu.vmware.com/security/cve-2020-5410", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "862b2186-222f-48b9-af87-f1fb7bb26d03", assignerShortName: "pivotal", cveId: "CVE-2020-5410", datePublished: "2020-06-02T16:50:12.055Z", dateReserved: "2020-01-03T00:00:00.000Z", dateUpdated: "2025-02-07T12:44:18.402Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3799
Vulnerability from cvelistv5
Published
2019-05-06 15:21
Modified
2024-09-17 00:16
Summary
Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
References
| URL | Tags |
|---|---|
| https://www.oracle.com/security-alerts/cpuapr2022.html | x_refsource_MISC |
| https://pivotal.io/security/cve-2019-3799 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Spring | Spring Cloud Config | 2.0 < v2.0.4.RELEASE; 1.4 < v1.4.6.RELEASE; 2.1 < v2.1.2.RELEASE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.484Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://pivotal.io/security/cve-2019-3799", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Spring Cloud Config", vendor: "Spring", versions: [ { lessThan: "v2.0.4.RELEASE", status: "affected", version: "2.0", versionType: "custom", }, { lessThan: "v1.4.6.RELEASE", status: "affected", version: "1.4", versionType: "custom", }, { lessThan: "v2.1.2.RELEASE", status: "affected", version: "2.1", versionType: "custom", }, ], }, ], datePublic: "2019-04-17T00:00:00", descriptions: [ { lang: "en", value: "Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. 
A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Path Traversal", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T23:20:44", orgId: "c550e75a-17ff-4988-97f0-544cde3820fe", shortName: "dell", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://pivotal.io/security/cve-2019-3799", }, ], source: { discovery: "UNKNOWN", }, title: "Directory Traversal with spring-cloud-config-server", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@dell.com", DATE_PUBLIC: "2019-04-17T00:00:00.000Z", ID: "CVE-2019-3799", STATE: "PUBLIC", TITLE: "Directory Traversal with spring-cloud-config-server", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Spring Cloud Config", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "2.0", version_value: "v2.0.4.RELEASE", }, { affected: "<", version_affected: "<", version_name: "1.4", version_value: "v1.4.6.RELEASE", }, { affected: "<", version_affected: "<", version_name: "2.1", version_value: "v2.1.2.RELEASE", }, ], }, }, ], }, vendor_name: "Spring", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. 
A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22: Path Traversal", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://pivotal.io/security/cve-2019-3799", refsource: "CONFIRM", url: "https://pivotal.io/security/cve-2019-3799", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "c550e75a-17ff-4988-97f0-544cde3820fe", assignerShortName: "dell", cveId: "CVE-2019-3799", datePublished: "2019-05-06T15:21:37.135488Z", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-09-17T00:16:21.820Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-05-06 16:29
Modified
2024-11-21 04:42
Severity
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
References
| Source | URL | Tags |
|---|---|---|
| security_alert@emc.com | https://pivotal.io/security/cve-2019-3799 | Vendor Advisory |
| security_alert@emc.com | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://pivotal.io/security/cve-2019-3799 | Vendor Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_cloud_config | >= 1.4.0, < 1.4.6 |
| vmware | spring_cloud_config | >= 2.0.0, < 2.0.4 |
| vmware | spring_cloud_config | >= 2.1.0, < 2.1.2 |
| oracle | communications_cloud_native_core_policy | 1.15.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "A724E528-B720-439B-84A6-86A3E34D1CB2", versionEndExcluding: "1.4.6", versionStartIncluding: "1.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "DA89E863-F397-4359-8F46-1D8200415C94", versionEndExcluding: "2.0.4", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "579E4C4A-DDE1-43F8-BD16-16E583404148", versionEndExcluding: "2.1.2", versionStartIncluding: "2.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "B4367D9B-BF81-47AD-A840-AC46317C774D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.", }, { lang: "es", value: "Spring Cloud Config, versiones 2.1.x anteriores a 2.1.2, versiones 2.0.x anteriores a 2.0.4, versiones 1.4.x anteriores a 1.4.6, y versiones anteriores no compatibles, permiten que aplicaciones entreguen archivos de configuración arbitrarios por medio del Módulo spring-cloud-config-server. 
Un usuario malicioso, o un atacante, puede enviar una petición usando una URL especialmente creada que puede provocar un ataque transversal a un directorio.", }, ], id: "CVE-2019-3799", lastModified: "2024-11-21T04:42:33.827", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-06T16:29:01.567", references: [ { source: "security_alert@emc.com", tags: [ "Vendor Advisory", ], url: "https://pivotal.io/security/cve-2019-3799", }, { source: "security_alert@emc.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://pivotal.io/security/cve-2019-3799", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "security_alert@emc.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: 
"security_alert@emc.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-05 19:15
Modified
2024-11-21 05:34
Severity
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
References
| Source | URL | Tags |
|---|---|---|
| security@pivotal.io | https://pivotal.io/security/cve-2020-5405 | Vendor Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://pivotal.io/security/cve-2020-5405 | Vendor Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_cloud_config | >= 2.1.0, < 2.1.7 |
| vmware | spring_cloud_config | >= 2.2.0, < 2.2.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "4C8E6F0B-784C-4485-9FDC-6B1DDB2DDA9F", versionEndExcluding: "2.1.7", versionStartIncluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "2418A83C-F975-467A-93DA-1E35B967E17C", versionEndExcluding: "2.2.2", versionStartIncluding: "2.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.", }, { lang: "es", value: "Spring Cloud Config, versiones 2.2.x anteriores a 2.2.2, versiones 2.1.x anteriores a 2.1.7 y versiones anteriores no compatibles, permite a unas aplicaciones servir archivos de configuración arbitrarios por medio del módulo spring-cloud-config-server. 
Un usuario malicioso, o atacante, puede enviar una petición usando una URL especialmente diseñada que puede conllevar a un ataque de salto de directorio.", }, ], id: "CVE-2020-5405", lastModified: "2024-11-21T05:34:05.090", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-05T19:15:11.700", references: [ { source: "security@pivotal.io", tags: [ "Vendor Advisory", ], url: "https://pivotal.io/security/cve-2020-5405", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://pivotal.io/security/cve-2020-5405", }, ], sourceIdentifier: "security@pivotal.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "security@pivotal.io", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-02 17:15
Modified
2025-02-07 15:02
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
References
| Source | URL | Tags |
|---|---|---|
| security@pivotal.io | https://tanzu.vmware.com/security/cve-2020-5410 | Vendor Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://tanzu.vmware.com/security/cve-2020-5410 | Vendor Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_cloud_config | >= 2.1.0, < 2.1.9 |
| vmware | spring_cloud_config | >= 2.2.0, < 2.2.3 |
{ cisaActionDue: "2022-04-15", cisaExploitAdd: "2022-03-25", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "AD89FB84-A583-4310-B217-43EFB4825969", versionEndExcluding: "2.1.9", versionStartIncluding: "2.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "286B290C-8CEA-4EE1-B899-ED799CFF2B44", versionEndExcluding: "2.2.3", versionStartIncluding: "2.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.", }, { lang: "es", value: "Spring Cloud Config, las versiones 2.2.x anteriores a 2.2.3, versiones 2.1.x anteriores a 2.1.9, y las versiones más antiguas no compatibles, permiten a las aplicaciones servir archivos de configuración arbitrarios por medio del módulo spring Cloud-config-server. 
Un usuario malicioso, o un atacante, puede enviar una petición usando una URL especialmente diseñada que puede conllevar a un ataque de salto de directorio.", }, ], id: "CVE-2020-5410", lastModified: "2025-02-07T15:02:48.683", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-06-02T17:15:11.690", references: [ { source: "security@pivotal.io", tags: [ "Vendor Advisory", ], url: "https://tanzu.vmware.com/security/cve-2020-5410", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tanzu.vmware.com/security/cve-2020-5410", }, ], sourceIdentifier: 
"security@pivotal.io", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-23", }, ], source: "security@pivotal.io", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-23 21:15
Modified
2024-11-21 07:41
Severity
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.
References
| Source | URL | Tags |
|---|---|---|
| security@vmware.com | https://spring.io/security/cve-2023-20859 | Vendor Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://spring.io/security/cve-2023-20859 | Vendor Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_cloud_config | >= 3.1.0, <= 3.1.6 |
| vmware | spring_cloud_config | >= 4.0.0, <= 4.0.1 |
| vmware | spring_cloud_vault | >= 3.1.0, <= 3.1.2 |
| vmware | spring_cloud_vault | 4.0.0 |
| vmware | spring_vault | >= 2.3.0, < 2.3.3 |
| vmware | spring_vault | >= 3.0.0, < 3.0.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "27E7C265-DE73-4FE5-BAE9-D6FD0B838B90", versionEndIncluding: "3.1.6", versionStartIncluding: "3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*", matchCriteriaId: "6A42F633-1074-46A8-AB65-DF694B34F650", versionEndIncluding: "4.0.1", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_cloud_vault:*:*:*:*:*:*:*:*", matchCriteriaId: "B545C7F6-40FB-4010-9146-1ED3FB861E79", versionEndIncluding: "3.1.2", versionStartIncluding: "3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_cloud_vault:4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "DDBE7574-C6A7-4EE3-B7BE-5D867E1034BF", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_vault:*:*:*:*:*:*:*:*", matchCriteriaId: "B2216E96-8849-4F10-BB79-24BB6B5A1F15", versionEndExcluding: "2.3.3", versionStartIncluding: "2.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:vmware:spring_vault:*:*:*:*:*:*:*:*", matchCriteriaId: "87C49F06-1DF2-4BA5-89E4-1FD4ED9086FF", versionEndExcluding: "3.0.2", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.", }, ], id: "CVE-2023-20859", lastModified: "2024-11-21T07:41:42.577", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, 
exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-23T21:15:19.680", references: [ { source: "security@vmware.com", tags: [ "Vendor Advisory", ], url: "https://spring.io/security/cve-2023-20859", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://spring.io/security/cve-2023-20859", }, ], sourceIdentifier: "security@vmware.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }