fkie_nvd - fkie_cve-2015-5211

fkie_cve-2015-5211

Vulnerability from fkie_nvd

Published

2017-05-25 17:29

Modified

2025-04-20 01:37

Severity ?

9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Summary

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.

References

URL	Tags
security_alert@emc.com	https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html	Mailing List, Third Party Advisory
security_alert@emc.com	https://pivotal.io/security/cve-2015-5211	Vendor Advisory
security_alert@emc.com	https://www.trustwave.com/Resources/SpiderLabs-Blog/Reflected-File-Download---A-New-Web-Attack-Vector/	Exploit, Technical Description
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://pivotal.io/security/cve-2015-5211	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.trustwave.com/Resources/SpiderLabs-Blog/Reflected-File-Download---A-New-Web-Attack-Vector/	Exploit, Technical Description

Impacted products

Vendor	Product	Version
vmware	spring_framework	3.2.0
vmware	spring_framework	3.2.1
vmware	spring_framework	3.2.2
vmware	spring_framework	3.2.3
vmware	spring_framework	3.2.4
vmware	spring_framework	3.2.5
vmware	spring_framework	3.2.6
vmware	spring_framework	3.2.7
vmware	spring_framework	3.2.8
vmware	spring_framework	3.2.9
vmware	spring_framework	3.2.10
vmware	spring_framework	3.2.11
vmware	spring_framework	3.2.12
vmware	spring_framework	3.2.13
vmware	spring_framework	3.2.14
vmware	spring_framework	4.0.0
vmware	spring_framework	4.0.1
vmware	spring_framework	4.0.2
vmware	spring_framework	4.0.3
vmware	spring_framework	4.0.4
vmware	spring_framework	4.0.5
vmware	spring_framework	4.0.6
vmware	spring_framework	4.0.7
vmware	spring_framework	4.0.8
vmware	spring_framework	4.0.9
vmware	spring_framework	4.1.0
vmware	spring_framework	4.1.1
vmware	spring_framework	4.1.2
vmware	spring_framework	4.1.3
vmware	spring_framework	4.1.4
vmware	spring_framework	4.1.5
vmware	spring_framework	4.1.6
vmware	spring_framework	4.1.7
vmware	spring_framework	4.2.0
vmware	spring_framework	4.2.1
debian	debian_linux	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CED0ED-D67E-48AF-BB1A-EB1030897A8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E2EA60-735E-431E-BEFE-DC5C1046E532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD1FA92-7BFC-4874-89FC-BE0F378F0DB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC0E26F-2E8B-4B30-8C43-8BD2015EBB88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB73406-5FE4-438E-BCB7-57FBF6EC38D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76F06BC-F53E-4E37-B84F-3E992D459A49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD8CC0CF-61DE-4E3A-80DD-4AD34EBDF419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "09D49870-9E17-4049-9ABB-311C319A0E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB9CE889-FBC5-4078-ABAC-8BC6CA235D04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF34B57A-9732-44C8-9EC7-07394FB588F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C528FEA9-2E5E-413B-89C1-F14C67059702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7EA42F-55C6-4934-8F60-98B7717188D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1DA44C3-D083-4584-8ACC-73B234767669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D6399F2-B9D6-4097-89DB-5F4B434DFFD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:3.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD49BDC0-3431-43CF-8FF0-4A159238991B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20323D05-493C-4100-8701-AAF1ED905662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0A0C100-FAD1-4004-AA42-AE508F4D540E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE8D78C3-5C4D-4FAD-BC0F-1AD8C55D88F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB13067-D890-414E-B7CD-A3C11A1DBC9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA135B9-819D-4FAF-8F98-EA4549575327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1561FC1D-14AD-4FFB-9F46-C7CC47E04C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A86A8F-B9E0-4766-8F49-BC520E190CC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A0A67CF-ECC3-4EDF-84D0-745E26BB508F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BD140A-92B8-4DEA-8747-8C28E812D7BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "88C8E417-A8F7-42D2-BD71-178AD4192DDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFEE4E90-3CFD-4541-BF32-CC55B32B9F53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC1A4DB1-083B-4AAB-B1A2-CFFD487A1FBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "53D5991E-2CD0-42D9-8158-25FF18275B21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "130DBD54-EF87-4A90-A727-F2BFFBF2DFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB59905-C658-4EFD-B073-FE84F0BF1DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9382948-689D-40CD-ADC8-E41BB1F02D5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D269ABA-5E23-4F3D-B999-C51B2494EE01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3BEAAF2-E45F-4F52-9A2A-BF1BBDA4D2E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1774EF13-CCA1-4C55-93B9-A9C13D893C4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2DF06FD-CFEE-4B60-8058-B44569BE8BE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response."
    },
    {
      "lang": "es",
      "value": "En algunas situaciones, el Framework Spring versiones 4.2.0 hasta 4.2.1, versiones 4.0.0 hasta 4.1.7, versiones 3.2.0 hasta 3.2.14 y versiones anteriores no compatibles, son vulnerables a un ataque de tipo Reflected File Download (RFD). El ataque involucra a un usuario malicioso que dise\u00f1a una URL con una extensi\u00f3n de script por lotes lo que resulta en la respuesta siendo descargada en lugar de renderizada y tambi\u00e9n incluye alguna entrada reflejada en la respuesta."
    }
  ],
  "id": "CVE-2015-5211",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.6,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-25T17:29:00.443",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://pivotal.io/security/cve-2015-5211"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Exploit",
        "Technical Description"
      ],
      "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Reflected-File-Download---A-New-Web-Attack-Vector/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://pivotal.io/security/cve-2015-5211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description"
      ],
      "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Reflected-File-Download---A-New-Web-Attack-Vector/"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-552"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2015-5211 (GCVE-0-2015-5211)

Vulnerability from cvelistv5

Published

2017-05-25 17:00

Modified

2024-08-06 06:41