Bug 1571050 (CVE-2018-1271) - CVE-2018-1271 spring-framework: Directory traversal vulnerability with static resources on Windows filesystems
Summary: CVE-2018-1271 spring-framework: Directory traversal vulnerability with static...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-1271
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1700953 1700986
Blocks: 1571053
TreeView+ depends on / blocked
 
Reported: 2018-04-24 02:38 UTC by Sam Fowler
Modified: 2021-02-17 00:25 UTC (History)
72 users (show)

Fixed In Version: springframework 5.05, springframework 4.3.15
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-10 10:20:24 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:1320 0 None None None 2018-05-03 17:07:23 UTC
Red Hat Product Errata RHSA-2018:2669 0 None None None 2018-09-11 07:55:10 UTC
Red Hat Product Errata RHSA-2018:2939 0 None None None 2018-10-17 19:30:24 UTC

Description Sam Fowler 2018-04-24 02:38:14 UTC 
Spring Framework versions 5.0 to 5.0.4, 4.3 to 4.3.14, and older unsupported versions allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.

This vulnerability does not affect applications that use versions of Spring Security patched for CVE-2018-1199. 


External Reference:

https://pivotal.io/security/cve-2018-1271
Comment 3 errata-xmlrpc 2018-05-03 17:06:58 UTC 
This issue has been addressed in the following products:

  Red Hat Openshift Application Runtimes

Via RHSA-2018:1320 https://access.redhat.com/errata/RHSA-2018:1320
Comment 4 Riccardo Schirone 2018-05-22 08:25:04 UTC 
Patch:
https://github.com/spring-projects/spring-framework/commit/13356a7ee2240f740737c5c83bdccdacc30603ab
Comment 5 errata-xmlrpc 2018-09-11 07:54:47 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Fuse

Via RHSA-2018:2669 https://access.redhat.com/errata/RHSA-2018:2669
Comment 6 errata-xmlrpc 2018-10-17 19:29:59 UTC 
This issue has been addressed in the following products:

  Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8

Via RHSA-2018:2939 https://access.redhat.com/errata/RHSA-2018:2939
Comment 11 Joshua Padman 2019-05-16 13:31:29 UTC 
This vulnerability is out of security support scope for the following products:
 * Red Hat JBoss Fuse Service Works 6
 * Red Hat JBoss BRMS 5
 * Red Hat Enterprise Application Platform 5

Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
Comment 14 Jonathan Christison 2020-03-11 14:14:57 UTC 
This vulnerability is out of security support scope for the following product:
 * SOA Platform 5

Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
Note You need to log in before you can comment on or make changes to this bug.