csaf_redhat - rhsa-2024

rhsa-2024_10700

Vulnerability from csaf_redhat

Published

2024-12-02 16:06

Modified

2024-12-12 09:48

Summary

Red Hat Security Advisory: Red Hat Build of Apache Camel 4.8 for Spring Boot security update.

Notes

Topic

Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * org.apache.kafka/kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider (CVE-2024-31141) * org.springframework/spring-webmvc: Path traversal vulnerability in functional web frameworks (CVE-2024-38819) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* org.apache.kafka/kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider (CVE-2024-31141)\n\n* org.springframework/spring-webmvc: Path traversal vulnerability in functional web frameworks (CVE-2024-38819)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:10700",
        "url": "https://access.redhat.com/errata/RHSA-2024:10700"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2327264",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
      },
      {
        "category": "external",
        "summary": "2327614",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327614"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10700.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.8 for Spring Boot security update.",
    "tracking": {
      "current_release_date": "2024-12-12T09:48:45+00:00",
      "generator": {
        "date": "2024-12-12T09:48:45+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2024:10700",
      "initial_release_date": "2024-12-02T16:06:11+00:00",
      "revision_history": [
        {
          "date": "2024-12-02T16:06:11+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-12-02T16:06:11+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-12T09:48:45+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Apache Camel 4.8 for Spring Boot",
                "product": {
                  "name": "Red Hat build of Apache Camel 4.8 for Spring Boot",
                  "product_id": "Red Hat build of Apache Camel 4.8 for Spring Boot",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Build of Apache Camel"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31141",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "discovery_date": "2024-11-19T09:00:35.857468+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2327264"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations, which include the ability to read from disk or environment variables. In applications where an untrusted party can specify Apache Kafka Clients configurations, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.8 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-31141"
        },
        {
          "category": "external",
          "summary": "RHBZ#2327264",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327264"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-31141",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31141"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv",
          "url": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv"
        }
      ],
      "release_date": "2024-11-19T08:40:50.695000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-02T16:06:11+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.8 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10700"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.8 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-11-20T14:13:08.656000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2327614"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Spring Framework. Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. This flaw allows an attacker to craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is of important severity because it enables path traversal attacks that allow unauthorized access to arbitrary files on the server. Exploiting this flaw could expose sensitive information such as application configuration files, authentication credentials, or environment secrets, potentially compromising the entire system. Moreover, if the application process has elevated privileges, an attacker could access system files or even gain further control over the server.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Apache Camel 4.8 for Spring Boot"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-38819"
        },
        {
          "category": "external",
          "summary": "RHBZ#2327614",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327614"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38819",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38819",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38819"
        }
      ],
      "release_date": "2024-10-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-02T16:06:11+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Apache Camel 4.8 for Spring Boot"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10700"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Apache Camel 4.8 for Spring Boot"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Apache Camel 4.8 for Spring Boot"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks"
    }
  ]
}

cve-2024-31141

Vulnerability from cvelistv5

Published

2024-11-19 08:40

Modified

2024-11-19 14:15

Severity ?

Summary

Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products. This issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0. Users with affected applications are recommended to upgrade kafka-clients to version >=3.8.0, and set the JVM system property "org.apache.kafka.automatic.config.providers=none". Users of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate "allowlist.pattern" and "allowed.paths" to restrict their operation to appropriate bounds. For users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property. For users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property.

References

▼	URL	Tags
	https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv	vendor-advisory

Impacted products

Vendor

Product

Version

▼

Apache Software Foundation

Apache Kafka Clients

Version: 2.3.0   ≤ 3.5.2
Version: 3.6.0   ≤ 3.6.2
Version: 3.7.0   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-19T09:03:19.282Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/11/18/5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-31141",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T14:14:13.118831Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T14:15:34.254Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.kafka:kafka-clients",
          "product": "Apache Kafka Clients",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.5.2",
              "status": "affected",
              "version": "2.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.6.2",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "3.7.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Greg Harris"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Mickael Maison"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Chris Egerton"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients.\u003cbr\u003e\u003cbr\u003eApache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables.\u003cbr\u003eIn applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.\u003cbr\u003e\u003cbr\u003eIn particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products.\u003cbr\u003e\u003cp\u003eThis issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers with affected applications are recommended to upgrade kafka-clients to version \u0026gt;=3.8.0, and set the JVM system property \"org.apache.kafka.automatic.config.providers=none\".\u003cbr\u003eUsers of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate \"allowlist.pattern\" and \"allowed.paths\" to restrict their operation to appropriate bounds.\u003cbr\u003e\u003c/p\u003eFor users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property.\u003cbr\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property.\u003cbr\u003e\u003c/span\u003e"
            }
          ],
          "value": "Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients.\n\nApache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider implementations which include the ability to read from disk or environment variables.\nIn applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use these ConfigProviders to read arbitrary contents of the disk and environment variables.\n\nIn particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment access, which may be undesirable in certain environments, including SaaS products.\nThis issue affects Apache Kafka Clients: from 2.3.0 through 3.5.2, 3.6.2, 3.7.0.\n\n\nUsers with affected applications are recommended to upgrade kafka-clients to version \u003e=3.8.0, and set the JVM system property \"org.apache.kafka.automatic.config.providers=none\".\nUsers of Kafka Connect with one of the listed ConfigProvider implementations specified in their worker config are also recommended to add appropriate \"allowlist.pattern\" and \"allowed.paths\" to restrict their operation to appropriate bounds.\n\n\nFor users of Kafka Clients or Kafka Connect in environments that trust users with disk and environment variable access, it is not recommended to set the system property.\nFor users of the Kafka Broker, Kafka MirrorMaker 2.0, Kafka Streams, and Kafka command-line tools, it is not recommended to set the system property."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-552",
              "description": "CWE-552 Files or Directories Accessible to External Parties",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-19T08:40:50.695Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-31141",
    "datePublished": "2024-11-19T08:40:50.695Z",
    "dateReserved": "2024-03-28T16:57:34.016Z",
    "dateUpdated": "2024-11-19T14:15:34.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-38819

Vulnerability from cvelistv5

Published

2024-12-19 17:15

Modified

2024-12-20 17:54

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.

References

▼	URL	Tags
	https://spring.io/security/cve-2024-38819

Impacted products

Vendor

Product

Version

▼

N/A

Spring Framework

Version: Spring Framework 5.3.0 - 5.3.40, 6.0.0 - 6.0.24, 6.1.0 - 6.1.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38819",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-20T17:53:51.980313Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-20T17:54:04.143Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Spring Framework",
          "vendor": "N/A",
          "versions": [
            {
              "status": "affected",
              "version": "Spring Framework 5.3.0 - 5.3.40, 6.0.0 - 6.0.24, 6.1.0 - 6.1.13"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eApplications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.\u003c/span\u003e"
            }
          ],
          "value": "Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T17:15:12.704Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://spring.io/security/cve-2024-38819"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-38819",
    "datePublished": "2024-12-19T17:15:12.704Z",
    "dateReserved": "2024-06-19T22:32:06.583Z",
    "dateUpdated": "2024-12-20T17:54:04.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2024_10700

Vulnerability from csaf_redhat

cve-2024-31141

Vulnerability from cvelistv5

cve-2024-38819

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature