Directory Traversal with spring-cloud-config-server
CVE-2019-3799

6.5MEDIUM

Key Information:

Vendor: Spring
Status: Spring Cloud Config
Vendor: CVE Published:; 6 May 2019

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 91%

What is CVE-2019-3799?

Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.

Affected Version(s)

Spring Cloud Config 2.0

Spring Cloud Config 1.4

Spring Cloud Config 2.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2019-3799
Created by mpgn

References

https://www.oracle.com/security-alerts/cpuapr2022.html

x_refsource_MISC

https://pivotal.io/security/cve-2019-3799

x_refsource_CONFIRM

EPSS Score

91% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

🟡
Public PoC available
Apr 7, 2022
👾
Exploit known to exist
Apr 7, 2022
Vulnerability published
May 6, 2019
Vulnerability Reserved
Jan 3, 2019