cvelist GitHub_M CVELIST:CVE-2020-5245
History: Feb 24, 2020 - 5:35 p.m.

CVE-2020-5245 Remote Code Execution (RCE) vulnerability in dropwizard-validation

Published: 2020-02-24 17:35:20
CWE-74
Source: GitHub_M (www.cve.org)

CVSS3: 7.9 High
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: LOW
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

AI Score: 8.6 High (Confidence: High)

EPSS: 0.009 Low (Percentile: 82.4%)

Dropwizard-Validation before 1.3.19, and 2.0.x before 2.0.2, may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when the self-validating feature is used.

The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2.

CNA Affected

[
  {
    "vendor": "dropwizard",
    "product": "dropwizard-validation",
    "versions": [
      {
        "version": ">= 1.3.0, < 1.3.19",
        "status": "affected"
      },
      {
        "version": ">= 2.0.0, < 2.0.2",
        "status": "affected"
      }
    ]
  }
]
