CVE-2020-5410 — Directory traversal attack in Spring Cloud Config

Description

Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.

How to fix CVE-2020-5410

To remediate CVE-2020-5410, upgrade the affected package to a fixed version below.

—upgrade to 2.1.9 or later

Is CVE-2020-5410 being exploited?

Yes — CVE-2020-5410 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (1)

>= 2.1.0, < 2.1.9

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H

References (4)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2020-5410
PATCHgithub.com/spring-cloud/spring-cloud-config
WEBtanzu.vmware.com/security/cve-2020-5410
WEBwww.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5410