CVE-2020-5245

Sažetak

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2.

Reference

https://beanvalidation.org/2.0/spec/#validationapi-message-defaultmessageinterpolation
https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-interpolation-with-message-expressions
https://docs.oracle.com/javaee/7/tutorial/jsf-el.htm
https://github.com/dropwizard/dropwizard/commit/28479f743a9d0aab6d0e963fc07f3dd98e8c8236
https://github.com/dropwizard/dropwizard/commit/d87d1e4f8e20f6494c0232bf8560c961b46db634
https://github.com/dropwizard/dropwizard/pull/3157
https://github.com/dropwizard/dropwizard/pull/3160
https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

05-06-2024 - 17:15

Objavljeno

24-02-2020 - 18:15