Remote Code Execution vulnerability in Spring Cloud Data Flow (CVE-2024-37084)

Published: Aug 16, 2024 18:59

Advisory No: TZCERT-SA-24-0013

Source: Spring Cloud Data Flow

Software Affected: Spring Cloud Data Flow

Overview

Spring Cloud Data Flow is vulnerable to a remote code execution vulnerability. Attackers can leverage the vulnerability to compromise the server.

Description

Spring Cloud Data Flow, a microservices-based streaming platform for Cloud Foundry and Kubernetes, is affected by a vulnerability tracked as CVE-2024-37084. The vulnerability results from improper sanitization of the upload path: a malicious user with access to the Skipper server API can use a crafted upload request to write an arbitrary file to any location on the file system. Attackers can exploit the vulnerability to compromise the server by executing arbitrary code remotely.
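The upload path flaw described above, shown as an added example that is not Spring Cloud Data Flow's or Skipper's own code: the unsafe join of a client-supplied file name beside the hardened variant that normalizes the resolved path and rejects anything that does not stay under the upload root. The upload root directory, the class name and the sample names are assumptions constructed for the demonstration.

```java
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;

public final class UploadPathCheck {
    // Directory the server is allowed to write uploaded packages into (assumed value, POSIX layout).
    static final Path UPLOAD_ROOT = Paths.get("/var/lib/skipper/uploads").toAbsolutePath().normalize();

    /** Vulnerable pattern: the client-supplied name is joined to the root without any check,
     *  so "../" segments or an absolute name escape the upload directory. */
    static Path unsafeResolve(String clientName) {
        return UPLOAD_ROOT.resolve(clientName);
    }

    /** Hardened pattern: resolve, normalize (collapses ".." and "."), then require the result
     *  to remain strictly inside UPLOAD_ROOT. normalize() does not follow symlinks; if the
     *  root may contain symlinks, compare against toRealPath() of an existing parent instead. */
    static Path safeResolve(String clientName) {
        Path candidate;
        try {
            candidate = UPLOAD_ROOT.resolve(clientName).normalize();
        } catch (InvalidPathException e) {
            throw new IllegalArgumentException("invalid upload name", e);
        }
        if (!candidate.startsWith(UPLOAD_ROOT) || candidate.equals(UPLOAD_ROOT)) {
            throw new IllegalArgumentException("upload name escapes upload directory: " + clientName);
        }
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed sample names: one benign, one traversal, one absolute, one that normalizes safely.
        String[] samples = { "pkg-1.0.0.zip", "../../escaped.txt", "/tmp/absolute.txt", "sub/../pkg.zip" };
        for (String s : samples) {
            System.out.println("unsafe: " + unsafeResolve(s).normalize());
            try {
                System.out.println("safe:   " + safeResolve(s));
            } catch (IllegalArgumentException e) {
                System.out.println("safe:   rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

If the name arrives URL-encoded or inside an archive entry, decode or extract it first and run the same check on the decoded value, since the confinement test only protects what it actually sees.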

Impact

Successful exploitation of this vulnerability may allow an attacker to take control of the affected system.

Solution

Spring has released a security patch for this vulnerability. Users and administrators are encouraged to apply necessary updates.
