qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/Spring-Cloud-Function-SPEL-...

82 lines
6.0 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "Spring Cloud Function SPEL Vulnerability",
"Description": "<p>Spring cloud function is a function calculation framework based on spring boot. By abstracting the transmission details and infrastructure, it retains familiar development tools and development processes for developers, so that developers can focus on realizing business logic, so as to improve development efficiency.</p><p>There is spring in the HTTP request header for accessing spring cloud function&nbsp;cloud.&nbsp;function.&nbsp;Routing expression parameter, whose spel expression can be injected and executed through StandardeValuationContext parsing.&nbsp;Eventually, an attacker can perform remote command execution through this vulnerability.</p>",
"Product": "Spring Cloud Function",
"Homepage": "https://github.com/spring-cloud/spring-cloud-function",
"DisclosureDate": "2022-03-26",
"Author": "su18@javaweb.org",
"FofaQuery": "((header=\"Server: Netty@SpringBoot\" || (body=\"Whitelabel Error Page\" && body=\"There was an unexpected error\")) && body!=\"couchdb\") || title=\"SpringBootAdmin-Server\" || body=\"SpringBoot\"",
"GobyQuery": "((header=\"Server: Netty@SpringBoot\" || (body=\"Whitelabel Error Page\" && body=\"There was an unexpected error\")) && body!=\"couchdb\") || title=\"SpringBootAdmin-Server\" || body=\"SpringBoot\"",
"Level": "3",
"Impact": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">The vulnerability can cause remote command execution by injecting spel expressions.</span><br></p>",
"Recommendation": "<p>Refer to the scope of the vulnerability for troubleshooting. The official has issued a patch for this vulnerability. Please repair the affected users as soon as possible.</p><p>Official link:&nbsp;<a href=\"https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f\">https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f</a></p><p>Note: at present, the official has not released a new version, please continue to pay attention and update in time:&nbsp;<a href=\"https://github.com/spring-cloud/spring-cloud-function/tags\">https://github.com/spring-cloud/spring-cloud-function/tags</a></p>",
"References": [
"https://fofa.so/"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [
{
"Name": "AttackType",
"Type": "select",
"Value": "goby_shell_linux"
}
],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"ExploitSteps": null,
"Tags": [
"rce"
],
"VulType": [
"rce"
],
"CVEIDs": [
""
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "9.8",
"Translation": {
"CN": {
"Name": "Spring Cloud Function SPEL 远程命令执行漏洞",
"Product": "Spring Cloud Function",
"Description": "<p>Spring Cloud Function 是基于Spring Boot 的函数计算框架,通过对传输细节和基础架构进行抽象,为开发人员保留熟悉的开发工具和开发流程,使开发人员专注在实现业务逻辑上,从而提升开发效率。</p><p>访问Spring Cloud Function的 HTTP请求头中存在 spring.cloud.function.routing-expression参数其 SpEL表达式可进行注入攻击并通过 StandardEvaluationContext解析执行。最终攻击者可通过该漏洞进行远程命令执行。</p>",
"Recommendation": "<p>参考漏洞影响范围进行排查,官方已针对此漏洞发布修复补丁,请受影响的用户尽快修复。</p><p>官方链接:<a href=\"https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f\">https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f</a></p><p>注:目前官方暂未发布新版本,请持续关注并及时更新:<a href=\"https://github.com/spring-cloud/spring-cloud-function/tags\">https://github.com/spring-cloud/spring-cloud-function/tags</a></p>",
"Impact": "<p><span style=\"font-size: 16px;\">该漏洞可通过对 SPEL表达式进行注入从而引发远程命令执行。</span><br></p>",
"VulType": [
"代码执⾏"
],
"Tags": [
"代码执⾏"
]
},
"EN": {
"Name": "Spring Cloud Function SPEL Vulnerability",
"Product": "Spring Cloud Function",
"Description": "<p>Spring cloud function is a function calculation framework based on spring boot. By abstracting the transmission details and infrastructure, it retains familiar development tools and development processes for developers, so that developers can focus on realizing business logic, so as to improve development efficiency.</p><p>There is spring in the HTTP request header for accessing spring cloud function&nbsp;cloud.&nbsp;function.&nbsp;Routing expression parameter, whose spel expression can be injected and executed through StandardeValuationContext parsing.&nbsp;Eventually, an attacker can perform remote command execution through this vulnerability.</p>",
"Recommendation": "<p>Refer to the scope of the vulnerability for troubleshooting. The official has issued a patch for this vulnerability. Please repair the affected users as soon as possible.</p><p>Official link:&nbsp;<a href=\"https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f\">https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f</a></p><p>Note: at present, the official has not released a new version, please continue to pay attention and update in time:&nbsp;<a href=\"https://github.com/spring-cloud/spring-cloud-function/tags\">https://github.com/spring-cloud/spring-cloud-function/tags</a></p>",
"Impact": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">The vulnerability can cause remote command execution by injecting spel expressions.</span><br></p>",
"VulType": [
"rce"
],
"Tags": [
"rce"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}
Reference in New Issue View Git Blame Copy Permalink