Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2015-5211 High Severity Vulnerability detected by WhiteSource #12

Open
mend-bolt-for-github bot opened this issue Jan 15, 2019 · 0 comments
Open

CVE-2015-5211 High Severity Vulnerability detected by WhiteSource #12

mend-bolt-for-github bot opened this issue Jan 15, 2019 · 0 comments
Labels
security vulnerability Security vulnerability detected by WhiteSource

Comments

@mend-bolt-for-github
Copy link
Contributor

CVE-2015-5211 - High Severity Vulnerability

Vulnerable Libraries - spring-webmvc-3.2.4.RELEASE.jar, spring-web-3.2.4.RELEASE.jar

spring-webmvc-3.2.4.RELEASE.jar

Spring Web MVC

path: 2/repository/org/springframework/spring-webmvc/3.2.4.RELEASE/spring-webmvc-3.2.4.RELEASE.jar

Library home page: https://github.com/SpringSource/spring-framework

Dependency Hierarchy:

  • spring-webmvc-3.2.4.RELEASE.jar (Vulnerable Library)
spring-web-3.2.4.RELEASE.jar

Spring Web

path: /root/.m2/repository/org/springframework/spring-web/3.2.4.RELEASE/spring-web-3.2.4.RELEASE.jar

Library home page: https://github.com/SpringSource/spring-framework

Dependency Hierarchy:

  • spring-webmvc-3.2.4.RELEASE.jar (Root Library)
    • spring-web-3.2.4.RELEASE.jar (Vulnerable Library)

Vulnerability Details

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.

Publish Date: 2017-05-25

URL: CVE-2015-5211

CVSS 3 Score Details (8.6)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://pivotal.io/security/cve-2015-5211

Fix Resolution: Users of affected Spring Framework versions should upgrade as follows: For 3.2.x upgrade to 3.2.15+. For 4.0.x and 4.1.x upgrade to 4.1.8+. For 4.2.x upgrade to 4.2.2+. In the above mentioned versions Spring MVC checks if the URL contains a file extension prior to writing with an HttpMessageConverter, and if the extension is unknown a “Content-Disposition” response header is added to suggest the download filename “f.txt”. The list of “known” extensions by default includes the ones associated with the built-in HttpMessageConverter implementations as well as any additional extensions explicitly registered for content negotiation purposes. For 4.x the fix also includes URL checks for SockJS URLs and validation of the JSONP callback parameter in all areas where JSONP is supported.

Step up your Open Source Security Game with WhiteSource here
@mend-bolt-for-github mend-bolt-for-github bot added the security vulnerability Security vulnerability detected by WhiteSource label Jan 15, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security vulnerability Security vulnerability detected by WhiteSource
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
0 participants