Severity Rating: HIGH

Software Affected

Spring Boot Admin versions prior to 2.6.10
Spring Boot Admin versions prior to 2.7.8
Spring Boot Admin versions prior to 3.0.0-M6

Overview

A vulnerability has been reported in Spring Boot Admin which could allow an attacker to execute arbitrary code on the targeted system.

Description

This vulnerability exists in Spring Boot Admin due to a flaw in the integrated notifier support. An attacker can exploit this vulnerability by sending a specially crafted request.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system.

Workaround

Disable any notifier
Disable write access (POST request) on /env actuator endpoint
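As an added example that is not part of the advisory, the second workaround expressed in the Spring Boot Admin server's application.yml, with the permissive setting shown commented out above the corrected one. It assumes the writable /env endpoint comes from Spring Cloud Context, whose property name management.endpoint.env.post.enabled is taken from that project and should be checked against the version in use.

```yaml
# application.yml of the Spring Boot Admin server (added example, not from the advisory)

# WEAK: with spring-cloud-context on the classpath a writable /env endpoint is
# registered, and exposing every actuator endpoint lets a POST to /env change
# the server's properties at runtime.
# management:
#   endpoint:
#     env:
#       post:
#         enabled: true        # assumed default when spring-cloud-context is present
#   endpoints:
#     web:
#       exposure:
#         include: "*"

# CORRECTED: refuse POST on /env and stop exposing /env over HTTP at all.
management:
  endpoint:
    env:
      post:
        enabled: false         # property name assumed from Spring Cloud Context
  endpoints:
    web:
      exposure:
        include: health,info   # /env is no longer reachable over the web
```

After restarting, a POST to the server's /actuator/env path should be refused (404 or 405) rather than accepted, which confirms the workaround is in effect.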

Solution

Upgrade to the latest versions of Spring Boot Admin as mentioned in the advisory:


Vendor Information

References

CVE Name
CVE-2022-46166
