module
Spring Cloud Function SpEL Injection
| Disclosed |
|---|
| Mar 29, 2022 |
Description
Spring Cloud Function versions prior to 3.1.7 and 3.2.3 are vulnerable to remote code execution because they evaluate
user-provided queries in an unsafe SpEL evaluation context. By crafting a request to the application and setting
the spring.cloud.function.routing-expression header, an unauthenticated attacker can gain remote code
execution. Both patched and unpatched servers respond with a 500 server error and a JSON-encoded message, so the response status alone does not indicate whether the expression was evaluated.
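As an added example (not part of the original module page), the following Python script shows the two checks a defender would want for this issue: a version test against the fixed releases named above, and a scan of request logs for the spring.cloud.function.routing-expression header. The log format and the sample lines are constructed for this example; the header values are placeholders, not SpEL payloads.

```python
import re
from typing import Dict, List, Tuple

# Header named in the advisory; its presence on inbound requests is the signal worth alerting on.
ROUTING_HEADER = "spring.cloud.function.routing-expression"

# Constructed sample log lines (not real traffic). Assumed format:
#   <client> <method> <path> <status> headers=<name>=<value>;<name>=<value>
SAMPLE_LOG = """\
10.0.0.5 POST /functionRouter 500 headers=content-type=text/plain;spring.cloud.function.routing-expression=[expression redacted]
10.0.0.6 POST /uppercase 200 headers=content-type=text/plain
10.0.0.7 POST /functionRouter 500 headers=spring.cloud.function.routing-expression=[expression redacted];accept=*/*
10.0.0.8 GET /actuator/health 200 headers=accept=application/json
"""

LOG_RE = re.compile(r"^(?P<client>\S+) (?P<method>\S+) (?P<path>\S+) (?P<status>\d{3}) headers=(?P<headers>.*)$")
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str) -> Tuple[int, int, int]:
    """Extract (major, minor, patch) from strings such as '3.1.6' or '3.2.2.RELEASE'."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3))


def is_vulnerable(version: str) -> bool:
    """True when the version predates the fixed releases 3.1.7 and 3.2.3 named in the advisory."""
    major, minor, patch = parse_version(version)
    if (major, minor) == (3, 2):
        return patch < 3            # 3.2.0 - 3.2.2 affected, 3.2.3+ fixed
    return (major, minor, patch) < (3, 1, 7)   # everything below 3.1.7 affected


def flag_routing_expression_requests(log_text: str) -> List[Dict[str, object]]:
    """Return every request carrying the routing-expression header, regardless of status code."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        pairs = (h.split("=", 1) for h in m["headers"].split(";") if "=" in h)
        headers = {name.strip().lower(): value for name, value in pairs}
        if ROUTING_HEADER in headers:
            # A 500 is returned by patched and unpatched servers alike, so it is recorded, not relied on.
            hits.append({"client": m["client"], "path": m["path"], "status": int(m["status"]),
                         "expression": headers[ROUTING_HEADER]})
    return hits
```

Run the scan against a real access log by replacing SAMPLE_LOG with the file contents in the assumed format, and pair any hit with the version check on the deployed Spring Cloud Function artifact.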