CVE-2020-5398

EPSS 90.18%
Veröffentlicht 17.01.2020 00:15:12
Zuletzt bearbeitet 21.11.2024 05:34:04
Quelle security@pivotal.io
CVE-Watchlists
Login
Unerledigt
Login

RFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 2 Referenzen 47

NVD 63 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

VMware ≫ Spring Framework Version >= 5.0.0 < 5.0.16

VMware ≫ Spring Framework Version >= 5.1.0 < 5.1.13

VMware ≫ Spring Framework Version >= 5.2.0 < 5.2.3

Oracle ≫ Application Testing Suite Version13.3.0.1

Oracle ≫ Communications Billing And Revenue Management Elastic Charging Engine Version11.3

Oracle ≫ Communications Billing And Revenue Management Elastic Charging Engine Version12.0

Oracle ≫ Communications Cloud Native Core Policy Version1.5.0

Oracle ≫ Communications Diameter Signaling Router Version >= 8.0.0 <= 8.2.2

Oracle ≫ Communications Element Manager Version8.1.1

Oracle ≫ Communications Element Manager Version8.2.0

Oracle ≫ Communications Element Manager Version8.2.1

Oracle ≫ Communications Policy Management Version12.5.0

Oracle ≫ Communications Session Report Manager Version8.1.1

Oracle ≫ Communications Session Report Manager Version8.2.0

Oracle ≫ Communications Session Report Manager Version8.2.1

Oracle ≫ Communications Session Route Manager Version8.1.1

Oracle ≫ Communications Session Route Manager Version8.2.0

Oracle ≫ Communications Session Route Manager Version8.2.1

Oracle ≫ Enterprise Manager Base Platform Version13.2.1.0

Oracle ≫ Financial Services Regulatory Reporting With Agilereporter Version8.0.9.2.0

Oracle ≫ Flexcube Private Banking Version12.0.0

Oracle ≫ Flexcube Private Banking Version12.1.0

Oracle ≫ Healthcare Master Person Index Version4.0.2

Oracle ≫ Insurance Calculation Engine Version >= 11.0.0 <= 11.3.1

Oracle ≫ Insurance Policy Administration J2ee Version10.2.0

Oracle ≫ Insurance Policy Administration J2ee Version10.2.4

Oracle ≫ Insurance Policy Administration J2ee Version11.0.2

Oracle ≫ Insurance Policy Administration J2ee Version11.1.0

Oracle ≫ Insurance Policy Administration J2ee Version11.2.0

Oracle ≫ Insurance Policy Administration J2ee Version11.2.2.0

Oracle ≫ Insurance Rules Palette Version10.2.0

Oracle ≫ Insurance Rules Palette Version10.2.4

Oracle ≫ Insurance Rules Palette Version11.0.2

Oracle ≫ Insurance Rules Palette Version11.1.0

Oracle ≫ Insurance Rules Palette Version11.2.0

Oracle ≫ Mysql Version >= 4.0.0 <= 4.0.12

Oracle ≫ Mysql Version >= 8.0.0 <= 8.0.20

Oracle ≫ Rapid Planning Version12.1

Oracle ≫ Rapid Planning Version12.2

Oracle ≫ Retail Assortment Planning Version15.0

Oracle ≫ Retail Assortment Planning Version16.0

Oracle ≫ Retail Back Office Version14.1

Oracle ≫ Retail Bulk Data Integration Version16.0.3.0

Oracle ≫ Retail Central Office Version14.1

Oracle ≫ Retail Financial Integration Version15.0

Oracle ≫ Retail Financial Integration Version16.0

Oracle ≫ Retail Integration Bus Version15.0.3

Oracle ≫ Retail Integration Bus Version16.0.3

Oracle ≫ Retail Order Broker Version15.0

Oracle ≫ Retail Order Broker Version16.0

Oracle ≫ Retail Point-of-service Version14.1

Oracle ≫ Retail Predictive Application Server Version14.0.3

Oracle ≫ Retail Predictive Application Server Version14.1.3.0

Oracle ≫ Retail Predictive Application Server Version15.0.3

Oracle ≫ Retail Predictive Application Server Version16.0.3.0

Oracle ≫ Retail Returns Management Version14.1

Oracle ≫ Retail Service Backbone Version15.0

Oracle ≫ Retail Service Backbone Version16.0

Oracle ≫ Siebel Engineering - Installer & Deployment Version <= 2.1.1

Oracle ≫ Weblogic Server Version12.2.1.3.0

Oracle ≫ Weblogic Server Version12.2.1.4.0

Netapp ≫ Data Availability Services Version-

Netapp ≫ Snapcenter Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	90.18%	0.996

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	7.6	4.9	10	AV:N/AC:H/Au:N/C:C/I:C/A:C
security@pivotal.io	8	1.3	6	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE-494 Download of Code Without Integrity Check

The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://www.oracle.com/security-alerts/cpujan2021.html

Third Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpuapr2020.html

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2020.html

Third Party Advisory