Spring Cloud framework commits patch for code injection flaw

Cybersecurity researchers have disclosed a code injection flaw in the Spring Cloud computing framework that poses a remote attack risk.

On March 28, infosec firm NSFOCUS published a security advisory describing a vulnerability in Spring Cloud Function that allows attackers to “provide a specially crafted Spring Expression Language (SpEL) as a routing-expression that may result in access to local resources”.

VMware Spring Cloud is an open source collection of developer projects for building distributed systems on Spring, ranging from service discovery to configuration management. Spring Cloud Function is the sub-project that abstracts away transport details and infrastructure so that developers can concentrate on assembling applications from business-logic components.

The Spring Cloud project is on GitHub.

Trigger point

According to NSFOCUS, the vulnerability is triggered through the spring.cloud.function.routing-expression request header. When routing is in use, the value of this header is evaluated as a SpEL expression.

When untrusted input is evaluated as an expression without adequate restriction, the result is an Expression Language (EL) injection. Depending on what the expression engine exposes, attackers may be able to read server-side content, tamper with application behaviour, hijack accounts, or execute code.

In this case the bug is specifically a SpEL injection. The researchers said the vulnerability, tracked as CVE-2022-22963 and rated medium severity in the initial advisory, could result in remote injection of arbitrary code.
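The following is an added example, not code from the Spring Cloud Function project or from the advisory: it shows, with Spring's own SpEL API (spring-expression on the classpath), why handing a header value to a full-power StandardEvaluationContext is a code-injection primitive, and how a read-only SimpleEvaluationContext confines the same input to data binding. The RoutingMessage class, the x-function header and the hostile expression are constructed for the demonstration; the hostile value is deliberately harmless (it only reads a JVM property), but the T() type reference it uses is the same primitive that reaches arbitrary classes. The page does not describe the patch internals, so treat this as an illustration of the general hardening technique rather than the project's diff.

```java
import org.springframework.expression.Expression;
import org.springframework.expression.ExpressionParser;
import org.springframework.expression.spel.SpelEvaluationException;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.SimpleEvaluationContext;
import org.springframework.expression.spel.support.StandardEvaluationContext;

import java.util.Map;

/**
 * Added example (not Spring Cloud Function's own code): evaluating an
 * attacker-controlled routing expression with a StandardEvaluationContext
 * versus a restricted SimpleEvaluationContext.
 */
public class RoutingExpressionDemo {

    private static final ExpressionParser PARSER = new SpelExpressionParser();

    /** Hypothetical root object standing in for the message the routing expression is evaluated against. */
    public static class RoutingMessage {
        private final Map<String, String> headers;

        public RoutingMessage(Map<String, String> headers) {
            this.headers = headers;
        }

        public Map<String, String> getHeaders() {
            return headers;
        }
    }

    /**
     * Vulnerable shape: a full-power context, so T(...) type references,
     * constructor calls and arbitrary method invocation all succeed.
     */
    public static Object routeUnsafe(String expression, RoutingMessage msg) {
        Expression exp = PARSER.parseExpression(expression);
        return exp.getValue(new StandardEvaluationContext(), msg);
    }

    /**
     * Hardened shape: read-only data binding only. Property and map access
     * on the root object still work, but T(...) and 'new' are rejected.
     */
    public static Object routeRestricted(String expression, RoutingMessage msg) {
        Expression exp = PARSER.parseExpression(expression);
        return exp.getValue(SimpleEvaluationContext.forReadOnlyDataBinding().build(), msg);
    }

    public static void main(String[] args) {
        // Constructed message: a single header naming the function to route to.
        RoutingMessage msg = new RoutingMessage(Map.of("x-function", "uppercase"));

        // Legitimate routing expression: pick the function name out of the headers.
        String legit = "headers['x-function']";
        System.out.println("unsafe, legit      : " + routeUnsafe(legit, msg));
        System.out.println("restricted, legit  : " + routeRestricted(legit, msg));

        // Constructed hostile value of the kind an attacker would place in the
        // spring.cloud.function.routing-expression header. Harmless by design,
        // but it demonstrates that the expression reaches into the JVM runtime.
        String hostile = "T(java.lang.Runtime).getRuntime().availableProcessors()";
        System.out.println("unsafe, hostile    : " + routeUnsafe(hostile, msg));
        try {
            routeRestricted(hostile, msg);
            System.out.println("restricted, hostile: unexpectedly evaluated");
        } catch (SpelEvaluationException e) {
            // The restricted context has no type locator, so T(...) fails before anything runs.
            System.out.println("restricted, hostile: rejected (" + e.getMessageCode() + ")");
        }
    }
}
```

The practitioner's check is the last two calls: if an expression taken from a request header evaluates a T(...) reference successfully, the evaluation context is too powerful for untrusted input. Note that SimpleEvaluationContext is a mitigation for the expression engine, not a substitute for asking whether a client should be allowed to supply a routing expression at all.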

Fixes

Spring Cloud Function versions 3.1.6, 3.2.2 and older are affected.

The researchers have published details of the vulnerability along with proof-of-concept (PoC) exploit code.

In a notice published by Spring Cloud Function maintainer Oleg Zhurakousky, users were told to upgrade to version 3.1.7 or 3.2.3 to patch the flaw.

At the time of writing, the fix had been committed but had not yet reached a stable release. In other words, the patch is queued for the next release but is not yet available in a published version.

Source: https://portswigger.net/daily-swig/spring-cloud-framework-commits-patch-for-code-injection-flaw
