Lucene search
Redhat.comRH:CVE-2020-5405HistoryApr 24, 2020 - 10:33 p.m.
CVE-2020-5405
2020-04-2422:33:39
redhat.com
access.redhat.com
12
EPSS
0.004
Percentile
72.6%
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
Related
cvelist
cvelist
CVE-2020-5405 Directory Traversal with spring-cloud-config-server
2020-03-05 19:00:19
osv
osv
CVE-2020-5405
2020-03-05 19:15:11
Directory traversal attack in Spring Cloud Config
2020-06-05 16:11:36
github
github
Directory traversal attack in Spring Cloud Config
2020-06-05 16:11:36
nvd
nvd
CVE-2020-5405
2020-03-05 19:15:11
cve
cve
CVE-2020-5405
2020-03-05 19:15:11
veracode
veracode
Directory Traversal
2020-03-06 03:25:21
nuclei
nuclei
Spring Cloud Config - Local File Inclusion
2020-07-06 16:22:18
prion
prion
Directory traversal
2020-03-05 19:15:00
ibm
ibm
openvas
openvas
Generic HTTP Directory Traversal (Web Dirs) - Active Check
2021-07-22 00:00:00