CVE-2024-37084

In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://spring.io/security/cve-2024-37084	Vendor Advisory
https://spring.io/security/cve-2024-37084	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:vmware:spring_cloud_data_flow:*:*:*:*:*:*:*:*

History

21 Nov 2024, 09:23

Type	Values Removed	Values Added
References	~~() https://spring.io/security/cve-2024-37084 - Vendor Advisory~~	() https://spring.io/security/cve-2024-37084 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 9.8

26 Aug 2024, 16:11

Type	Values Removed	Values Added
First Time		Vmware spring Cloud Data Flow Vmware
References	~~() https://spring.io/security/cve-2024-37084 -~~	() https://spring.io/security/cve-2024-37084 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~9.8~~	v2 : unknown v3 : 8.8
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:a:vmware:spring_cloud_data_flow::::::::

01 Aug 2024, 13:53

Type	Values Removed	Values Added
Summary		(es) En las versiones de Spring Cloud Data Flow anteriores a la 2.11.4, un usuario malintencionado que tiene acceso a la API del servidor Skipper puede utilizar una solicitud de carga manipulada para escribir un archivo arbitrario en cualquier ubicación del sistema de archivos, lo que podría comprometer el servidor.
CWE		CWE-94

25 Jul 2024, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-25 10:15

Updated : 2024-11-21 09:23

NVD link : CVE-2024-37084

Mitre link : CVE-2024-37084

CVE.ORG link : CVE-2024-37084

JSON object : View

Products Affected

vmware

spring_cloud_data_flow

CWE

NVD-CWE-noinfo CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2024-37084", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@vmware.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-07-25T10:15:07.260", "references": [{"url": "https://spring.io/security/cve-2024-37084", "tags": ["Vendor Advisory"], "source": "security@vmware.com"}, {"url": "https://spring.io/security/cve-2024-37084", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "In Spring Cloud Data Flow versions prior to 2.11.4,\u00a0\u00a0a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server"}, {"lang": "es", "value": "En las versiones de Spring Cloud Data Flow anteriores a la 2.11.4, un usuario malintencionado que tiene acceso a la API del servidor Skipper puede utilizar una solicitud de carga manipulada para escribir un archivo arbitrario en cualquier ubicaci\u00f3n del sistema de archivos, lo que podr\u00eda comprometer el servidor."}], "lastModified": "2024-11-21T09:23:09.750", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_cloud_data_flow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5051E95-868D-421F-9985-2A810BC01D38", "versionEndExcluding": "2.11.4", "versionStartIncluding": "2.11.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@vmware.com"}