Bug 2231491 (CVE-2023-20873) - CVE-2023-20873 spring-boot: Security Bypass With Wildcard Pattern Matching on Cloud Foundry
Summary: CVE-2023-20873 spring-boot: Security Bypass With Wildcard Pattern Matching on...
Keywords:
Status: NEW
Alias: CVE-2023-20873
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2231492 2231493 2231494 2231495
Blocks: 2188521
Reported: 2023-08-11 17:30 UTC by Pedro Sampaio
Modified: 2024-02-01 03:42 UTC (History)

Fixed In Version: spring-boot 2.5.15, spring-boot 2.6.15, spring-boot 2.7.11, spring-boot 3.0.6
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Spring Boot, specifically in the 'spring-boot-actuator-autoconfigure' package. An application deployed to Cloud Foundry could be susceptible to a security bypass. An application is vulnerable when all of the following are true:

* It has code that can handle requests matching /cloudfoundryapplication/**. Typically this is a catch-all request mapping that matches /**.
* It is deployed to Cloud Foundry.

An application is not vulnerable if any of the following is true:

* It is not deployed to Cloud Foundry.
* Cloud Foundry actuator endpoints are disabled by setting management.cloudfoundry.enabled to false.
* It has no handler mappings that can handle requests to /cloudfoundryapplication/**.
Clone Of:
Environment:
Last Closed:
Embargoed:



Links
System                  ID              Private  Priority  Status  Summary  Last Updated
Red Hat Product Errata  RHSA-2023:5147  0        None      None    None     2023-09-13 15:40:20 UTC
Red Hat Product Errata  RHSA-2023:5148  0        None      None    None     2023-09-13 16:10:04 UTC
Red Hat Product Errata  RHSA-2023:7678  0        None      None    None     2023-12-06 23:30:47 UTC

Description Pedro Sampaio 2023-08-11 17:30:52 UTC
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass.

References:

https://spring.io/security/cve-2023-20873
https://github.com/spring-projects/spring-boot/commit/307f3c339912466e78fcdac648fff95a4edea573
https://github.com/spring-projects/spring-boot/commit/3522714c13b47af03bf42e7f2d5994af568cb1a7
https://github.com/spring-projects/spring-boot/issues/35085
https://github.com/spring-projects/spring-boot/releases/tag/v2.7.11
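A check a team can add to its own test suite for the first condition in the Doc Text above (an application handler that can serve /cloudfoundryapplication/** paths). This is an added example, not code from the Spring Boot project or from this report; it assumes a JUnit 5 Spring Boot test context, and the class name and the probe paths are assumptions.

```java
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

// Added audit test (hypothetical class name): fails the build if any application
// handler can serve a path under /cloudfoundryapplication/, the first condition above.
@SpringBootTest
class CloudFoundryPathAuditTest {

    // Constructed probe paths under the Cloud Foundry actuator prefix.
    private static final String[] PROBES = {
            "/cloudfoundryapplication", "/cloudfoundryapplication/health" };

    // The application's own @Controller mappings; the qualifier avoids the actuator's
    // ControllerEndpointHandlerMapping, which is also a RequestMappingHandlerMapping.
    @Autowired
    @Qualifier("requestMappingHandlerMapping")
    private RequestMappingHandlerMapping appMappings;

    // AntPathMatcher approximates whichever matching strategy the app is configured with.
    private final AntPathMatcher matcher = new AntPathMatcher();

    @Test
    void noApplicationHandlerReachableUnderCloudFoundryPrefix() {
        List<String> offenders = new ArrayList<>();
        for (Map.Entry<RequestMappingInfo, HandlerMethod> entry
                : appMappings.getHandlerMethods().entrySet()) {
            // getPatternValues() yields the raw pattern strings for either strategy
            for (String pattern : entry.getKey().getPatternValues()) {
                for (String probe : PROBES) {
                    if (matcher.match(pattern, probe)) {
                        offenders.add(pattern + " -> " + entry.getValue().getShortLogMessage());
                    }
                }
            }
        }
        assertTrue(offenders.isEmpty(),
                "handlers reachable under /cloudfoundryapplication/**: " + offenders);
    }
}
```

A catch-all mapping such as /** shows up as an offender; narrowing it, or setting management.cloudfoundry.enabled to false as the Doc Text describes, removes the condition.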

Comment 1 Pedro Sampaio 2023-08-11 17:31:16 UTC
Created log4j tracking bugs for this issue:

Affects: fedora-all [bug 2231492]

Comment 6 errata-xmlrpc 2023-09-13 15:40:16 UTC
This issue has been addressed in the following products:

  RHINT Camel-Springboot 3.18.3.2

Via RHSA-2023:5147 https://access.redhat.com/errata/RHSA-2023:5147

Comment 7 errata-xmlrpc 2023-09-13 16:10:01 UTC
This issue has been addressed in the following products:

  RHINT Camel-Springboot 3.20.2

Via RHSA-2023:5148 https://access.redhat.com/errata/RHSA-2023:5148

Comment 8 errata-xmlrpc 2023-12-06 23:30:44 UTC
This issue has been addressed in the following products:

  Red Hat AMQ Streams 2.6.0

Via RHSA-2023:7678 https://access.redhat.com/errata/RHSA-2023:7678
