Directory Traversal Vulnerability in Pivotal Spring Framework
CVE-2014-3625
Currently unrated
Key Information:
- Vendor
Pivotal Software
- Status
- Vendor
- CVE Published:
- 20 November 2014
Badges
๐พ Exploit Exists๐ก Public PoC๐ฃ EPSS 10%
What is CVE-2014-3625?
A directory traversal vulnerability exists in the Pivotal Spring Framework which enables remote attackers to read arbitrary files from the server. This vulnerability arises from improper handling of static resources in the framework, allowing exploitation through unspecified vectors. This can potentially expose sensitive files, leading to data disclosure and further security risks.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
