Lucene search
K

15 matches found

Nuclei
Nuclei
added yesterday53 views

Spring Cloud Config Server - Local File Inclusion

Spring Cloud Config Server versions 2.1.x prior to 2.1.2, 2.0.x prior to 2.0.4, 1.4.x prior to 1.4.6, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files. An attacker can send a request using a specially...

6.5CVSS6.7AI score0.85295EPSS
Exploits6References5
vulnersOsv
vulnersOsv
added 2019/05/23 8:39 a.m.6 views

ai.hyacinth.framework:core-service-config-server (=0.5.0), org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=6.0.1 <=6.1.0-RC2) +12 more potentially affected by CVE-2019-3799 via org.springframework.cloud:spring-cloud-config-server (>=2.1.0.RELEASE <=2.1.1.RELEASE)

org.springframework.cloud:spring-cloud-config-server MAVEN version =2.1.0.RELEASE, =6.0.1, =6.0.1, =6.0.1, =Einstein.RELEASE, =2.1.0.RELEA...

6.5CVSS6.5AI score0.85295EPSS
Exploits6
vulnersOsv
vulnersOsv
added 2019/05/23 8:39 a.m.8 views

cn.home1:oss-configserver (>=1.0.6.OSS <=1.0.7.OSS), cn.home1:spring-cloud-config-monitor (>=0.0.1 <=1.0.1.U1) +166 more potentially affected by CVE-2019-3799 via org.springframework.cloud:spring-cloud-config-server (>=1.1.0.RELEASE <=1.4.5.RELEASE)

org.springframework.cloud:spring-cloud-config-server MAVEN version =1.1.0.RELEASE, =1.0.6.OSS, =0.0.1, =0.0.1, =1.1.0-RELEASE, =1.0.0, =1.0.0, =1.5.0-Beta, =0.8.3, =0.8.3, =0.8.3, =0.8.3, =0.10.0 and more Source cves: CVE-2019-3799 Source advisory: OSV:GHSA-4X49-W62V-76Q7...

6.5CVSS6.5AI score0.85295EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2019/05/13 8:25 a.m.29 views

CVE-2019-3799

Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a...

6.5CVSS5.5AI score0.85295EPSS
Exploits6References3
OSV
OSV
added 2019/05/06 4:29 p.m.22 views

CVE-2019-3799

Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a...

6.5CVSS7.2AI score0.85295EPSS
Exploits6References2
NVD
NVD
added 2019/05/06 4:29 p.m.16 views

CVE-2019-3799

Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a...

6.5CVSS6.5AI score0.85295EPSS
Exploits6References2
Cvelist
Cvelist
added 2019/05/06 3:21 p.m.46 views

CVE-2019-3799 Directory Traversal with spring-cloud-config-server

Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a...

6.7AI score0.85295EPSS
Exploits6References2
CVE
CVE
added 2019/05/06 3:21 p.m.175 views

CVE-2019-3799

The CVE-2019-3799 entries describe a Local File Inclusion/Directory Traversal vulnerability in Spring Cloud Config Server. Affected versions are Spring Cloud Config Server 2.1.x before 2.1.2, 2.0.x before 2.0.4, and 1.4.x before 1.4.6, plus older unsupported releases. An unauthenticated attacker ...

6.5CVSS6.3AI score0.85295EPSS
Exploits6References2Affected Software1
0day.today
0day.today
added 2019/05/01 12:0 a.m.46 views

Spring Cloud Config 2.1.x - Path Traversal Exploit

Exploit for java platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Config Server Directory Traversal', 'Description' = %q This module exploits a...

0.85295EPSS
Exploits6
Packet Storm
Packet Storm
added 2019/04/30 12:0 a.m.49 views

Spring Cloud Config 2.1.x Path Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Config Server Directory Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability whi...

6.8AI score0.85295EPSS
Exploits6
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.83 views

Spring Cloud Config 2.1.x - Path Traversal (Metasploit)

Spring Cloud Config 2.1.x - Path Traversal Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Config Server Directory Traversal', 'Description' = %q This module exploits an...

4.3CVSS0.2AI score0.85295EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/04/30 12:0 a.m.59 views

Spring Cloud Config 2.1.x - Path Traversal (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Config Server Directory Traversal', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability whi...

6.5CVSS6.7AI score0.85295EPSS
Exploits6
Circl
Circl
added 2019/04/26 2:45 p.m.26 views

CVE-2019-3799

creationtimestamp| type| source ---|---|--- 2019-04-26 14:45:34+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/springcloudtraversal.rb 2023-11-02 13:56:07+00:00| published-proof-of-concept| https://t.me/CNArsenal/1418 2023-11-02...

6.5CVSS6AI score0.85295EPSS
Exploits6References3
myhack58
myhack58
added 2019/04/19 12:0 a.m.147 views

Spring Cloud Config directory traversal vulnerability, CVE-2019-3799)early warning-vulnerability warning-the black bar safety net

Recently, the Spring official team in the latest security update, disclose a SpringCloud Config directory traversal vulnerability, CVE-2019-3799 on. Vulnerability official rated as High, belong to high-risk vulnerabilities. The vulnerability in essence is allows an application program through the...

6.6AI score0.85295EPSS
Exploits6
Metasploit
Metasploit
added 2019/04/18 7:24 a.m.79 views

Spring Cloud Config Server Directory Traversal

This module exploits an unauthenticated directory traversal vulnerability which exists in Spring Cloud Config versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6. Spring Cloud Config listens by default on port 8888. This module requires Metasploit:...

6.5CVSS0.1AI score0.85295EPSS
Exploits6
Rows per page
Query Builder