CVE-2020-5405

MEDIUM NUCLEI

Spring Cloud Config <2.2.2 & <2.1.7 - Path Traversal

Title source: llm

Description

Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.

Exploits (1)

nomisec WRITEUP

by shoucheng3 · poc

https://github.com/shoucheng3/spring-cloud__spring-cloud-config_CVE-2020-5405_2-1-6-RELEASE

View Code ZIP pw:eip

Nuclei Templates (1)

Spring Cloud Config - Local File Inclusion

MEDIUMby harshbothra_

References (1)

[Vendor Advisory] https://pivotal.io/security/cve-2020-5405

Scores

CVSS v3 6.5

EPSS 0.8799

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-22 CWE-23

Status published

Products (2)

org.springframework.cloud/spring-cloud-config-server 2.1.0 - 2.1.7Maven

vmware/spring_cloud_config 2.1.0 - 2.1.7

Published Mar 05, 2020

Tracked Since Feb 18, 2026