CVE-2020-5398

Published on: 01/16/2020 12:00:00 AM UTC

Last Modified on: 07/25/2022 07:09:12 PM UTC

CVE-2020-5398

CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Certain versions of Data Availability Services from Netapp contain the following vulnerability:

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.

CVE-2020-5398 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
Affected Vendor/Software: Spring - Spring Framework version v5.0.16.RELEASE
Affected Vendor/Software: Spring - Spring Framework version v5.1.13.RELEASE
Affected Vendor/Software: Spring - Spring Framework version v5.2.3.RELEASE

CVSS3 Score: 7.5 - HIGH

Attack Vector ^ⓘ	Attack Complexity	Privileges Required	User Interaction
NETWORK	HIGH	NONE	REQUIRED
Scope	Confidentiality Impact	Integrity Impact	Availability Impact
UNCHANGED	HIGH	HIGH	HIGH

CVSS2 Score: 7.6 - HIGH

Access Vector^ⓘ	Access Complexity	Authentication
NETWORK	HIGH	NONE
Confidentiality Impact	Integrity Impact	Availability Impact
COMPLETE	COMPLETE	COMPLETE

CVE References

Description	Tags ^ⓘ	Link
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200518 [GitHub] [karaf] jbonofre removed a comment on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200514 [GitHub] [karaf] skitt commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200517 [GitHub] [karaf] jbonofre commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [geode-dev] 20200410 Re: Proposal to bring GEODE-7970 to support/1.12
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200518 [karaf] branch master updated: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [ambari-issues] 20201013 [jira] [Created] (AMBARI-25571) Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421
Oracle Critical Patch Update Advisory - July 2020	www.oracle.com text/html	MISC www.oracle.com/security-alerts/cpujul2020.html
Pony Mail!	lists.apache.org text/html	MISC lists.apache.org/thread.html/[email protected]%3Ccommits.servicecomb.apache.org%3E
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200517 [jira] [Updated] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200517 [GitHub] [karaf] jbonofre commented on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
CVE-2020-5398: RFD Attack via “Content-Disposition” Header Sourced from Request Input by Spring MVC or Spring WebFlux Application \| Security \| Pivotal	Vendor Advisory pivotal.io text/html	CONFIRM pivotal.io/security/cve-2020-5398
Pony Mail!	lists.apache.org text/html	MISC lists.apache.org/thread.html/[email protected]%3Cdev.rocketmq.apache.org%3E
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200514 [GitHub] [karaf] coheigea commented on a change in pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Oracle Critical Patch Update Advisory - October 2020	www.oracle.com text/html	MISC www.oracle.com/security-alerts/cpuoct2020.html
Pony Mail!	lists.apache.org text/html	MLIST [ambari-dev] 20201019 [GitHub] [ambari] dlysnichenko merged pull request #3246: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421
Pony Mail!	lists.apache.org text/html	MISC lists.apache.org/thread.html/[email protected]%3Ccommits.servicecomb.apache.org%3E
Oracle Critical Patch Update Advisory - July 2021	www.oracle.com text/html	MISC www.oracle.com//security-alerts/cpujul2021.html
Pony Mail!	lists.apache.org text/html	MLIST [ambari-issues] 20201021 [jira] [Resolved] (AMBARI-25571) Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421
Pony Mail!	lists.apache.org text/html	MLIST [rocketmq-dev] 20210317 [GitHub] [rocketmq-externals] vongosling commented on issue #690: Spring Framework CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200517 [jira] [Commented] (KARAF-6721) Update Spring versions due to CVE-2020-5398
Oracle Critical Patch Update Advisory - October 2021	www.oracle.com text/html	MISC www.oracle.com/security-alerts/cpuoct2021.html
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200518 [jira] [Commented] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200517 [jira] [Assigned] (KARAF-6721) Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [camel-commits] 20200220 [camel] branch camel-2.25.x updated: Updating Spring due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200518 [karaf] branch karaf-4.2.x updated: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200518 [GitHub] [karaf] jbonofre merged pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MISC lists.apache.org/thread.html/[email protected]%3Cdev.rocketmq.apache.org%3E
Pony Mail!	lists.apache.org text/html	MLIST [ambari-dev] 20201019 [GitHub] [ambari] dlysnichenko opened a new pull request #3246: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200517 [jira] [Updated] (KARAF-6721) Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200514 [jira] [Commented] (KARAF-6721) Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200514 [jira] [Updated] (KARAF-6721) Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200518 [jira] [Resolved] (KARAF-6721) Upgrade to Spring 5.1.14.RELEASE and 5.2.5.RELEASE due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200518 [GitHub] [karaf] jbonofre commented on pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
Pony Mail!	lists.apache.org text/html	MLIST [geode-dev] 20200410 Proposal to bring GEODE-7970 to support/1.12
Pony Mail!	lists.apache.org text/html	MLIST [ambari-commits] 20201019 [ambari] branch branch-2.7 updated: AMBARI-25571. Vulnerable Spring components in Ambari - CVE-2020-5398, CVE-2020-5421 (dlysnichenko) (#3246)
Pony Mail!	lists.apache.org text/html	MISC lists.apache.org/thread.html/[email protected]%3Ccommits.servicecomb.apache.org%3E
Oracle Critical Patch Update Advisory - April 2020	www.oracle.com text/html	N/A N/A
Pony Mail!	lists.apache.org text/html	MISC lists.apache.org/thread.html/[email protected]%3Cdev.rocketmq.apache.org%3E
Oracle Critical Patch Update Advisory - July 2022	www.oracle.com text/html	MISC www.oracle.com/security-alerts/cpujul2022.html
Oracle Critical Patch Update Advisory - April 2021	www.oracle.com text/html	MISC www.oracle.com/security-alerts/cpuApr2021.html
Oracle Critical Patch Update Advisory - January 2021	www.oracle.com text/html	MISC www.oracle.com/security-alerts/cpujan2021.html
Pony Mail!	lists.apache.org text/html	MLIST [karaf-commits] 20200514 [GitHub] [karaf] coheigea opened a new pull request #1118: KARAF-6721 - Update Spring versions due to CVE-2020-5398
CVE-2020-5398 Spring Framework Vulnerability in NetApp Products \| NetApp Product Security	security.netapp.com text/html	CONFIRM security.netapp.com/advisory/ntap-20210917-0006/
Pony Mail!	lists.apache.org text/html	MLIST [karaf-issues] 20200514 [jira] [Created] (KARAF-6721) Update Spring versions due to CVE-2020-5398

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Related QID Numbers

730118 Dell Unisphere for PowerMax Security Update for Multiple Third-Party Component Vulnerabilities
730119 Dell Solutions Enabler Security Update for Multiple Third-Party Component Vulnerabilities
980299 Java (maven) Security Update for org.springframework:spring-webflux (GHSA-8wx2-9q48-vm9r)

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Netapp	Data Availability Services	-	All	All	All
Application	Netapp	Snapcenter	-	All	All	All
Application	Oracle	Application Testing Suite	13.3.0.1	All	All	All
Application	Oracle	Communications Billing And Revenue Management Elastic Charging Engine	11.3	All	All	All
Application	Oracle	Communications Billing And Revenue Management Elastic Charging Engine	12.0	All	All	All
Application	Oracle	Communications Cloud Native Core Policy	1.5.0	All	All	All
Application	Oracle	Communications Diameter Signaling Router	All	All	All	All
Application	Oracle	Communications Element Manager	8.1.1	All	All	All
Application	Oracle	Communications Element Manager	8.2.0	All	All	All
Application	Oracle	Communications Element Manager	8.2.1	All	All	All
Application	Oracle	Communications Policy Management	12.5.0	All	All	All
Application	Oracle	Communications Session Report Manager	8.1.1	All	All	All
Application	Oracle	Communications Session Report Manager	8.2.0	All	All	All
Application	Oracle	Communications Session Report Manager	8.2.1	All	All	All
Application	Oracle	Communications Session Route Manager	8.1.1	All	All	All
Application	Oracle	Communications Session Route Manager	8.2.0	All	All	All
Application	Oracle	Communications Session Route Manager	8.2.1	All	All	All
Application	Oracle	Enterprise Manager Base Platform	13.2.1.0	All	All	All
Application	Oracle	Financial Services Regulatory Reporting With Agilereporter	8.0.9.2.0	All	All	All
Application	Oracle	Flexcube Private Banking	12.0.0	All	All	All
Application	Oracle	Flexcube Private Banking	12.1.0	All	All	All
Application	Oracle	Healthcare Master Person Index	4.0.2	All	All	All
Application	Oracle	Insurance Calculation Engine	All	All	All	All
Application	Oracle	Insurance Policy Administration J2ee	10.2.0	All	All	All
Application	Oracle	Insurance Policy Administration J2ee	10.2.4	All	All	All
Application	Oracle	Insurance Policy Administration J2ee	11.0.2	All	All	All
Application	Oracle	Insurance Policy Administration J2ee	11.1.0	All	All	All
Application	Oracle	Insurance Policy Administration J2ee	11.2.0	All	All	All
Application	Oracle	Insurance Policy Administration J2ee	11.2.2.0	All	All	All
Application	Oracle	Insurance Rules Palette	10.2.0	All	All	All
Application	Oracle	Insurance Rules Palette	10.2.4	All	All	All
Application	Oracle	Insurance Rules Palette	11.0.2	All	All	All
Application	Oracle	Insurance Rules Palette	11.1.0	All	All	All
Application	Oracle	Insurance Rules Palette	11.2.0	All	All	All
Application	Oracle	Mysql	All	All	All	All
Application	Oracle	Mysql	All	All	All	All
Application	Oracle	Rapid Planning	12.1	All	All	All
Application	Oracle	Rapid Planning	12.2	All	All	All
Application	Oracle	Retail Assortment Planning	15.0	All	All	All
Application	Oracle	Retail Assortment Planning	16.0	All	All	All
Application	Oracle	Retail Back Office	14.1	All	All	All
Application	Oracle	Retail Bulk Data Integration	16.0.3.0	All	All	All
Application	Oracle	Retail Central Office	14.1	All	All	All
Application	Oracle	Retail Financial Integration	15.0	All	All	All
Application	Oracle	Retail Financial Integration	16.0	All	All	All
Application	Oracle	Retail Integration Bus	15.0.3	All	All	All
Application	Oracle	Retail Integration Bus	16.0.3	All	All	All
Application	Oracle	Retail Order Broker	15.0	All	All	All
Application	Oracle	Retail Order Broker	16.0	All	All	All
Application	Oracle	Retail Point-of-service	14.1	All	All	All
Application	Oracle	Retail Predictive Application Server	14.0.3	All	All	All
Application	Oracle	Retail Predictive Application Server	14.1.3.0	All	All	All
Application	Oracle	Retail Predictive Application Server	15.0.3	All	All	All
Application	Oracle	Retail Predictive Application Server	16.0.3.0	All	All	All
Application	Oracle	Retail Returns Management	14.1	All	All	All
Application	Oracle	Retail Service Backbone	15.0	All	All	All
Application	Oracle	Retail Service Backbone	16.0	All	All	All
Application	Oracle	Siebel Engineering - Installer Deployment	All	All	All	All
Application	Oracle	Weblogic Server	12.2.1.3.0	All	All	All
Application	Oracle	Weblogic Server	12.2.1.4.0	All	All	All
Application	Pivotal Software	Spring Framework	All	All	All	All
Application	Pivotal Software	Spring Framework	5.1.0	-	All	All
Application	Pivotal Software	Spring Framework	5.1.0	rc1	All	All
Application	Pivotal Software	Spring Framework	5.1.0	rc2	All	All
Application	Pivotal Software	Spring Framework	5.1.0	rc3	All	All
Application	Pivotal Software	Spring Framework	All	All	All	All
Application	Pivotal Software	Spring Framework	5.1.0	-	All	All
Application	Pivotal Software	Spring Framework	5.1.0	rc1	All	All
Application	Pivotal Software	Spring Framework	5.1.0	rc2	All	All
Application	Pivotal Software	Spring Framework	5.1.0	rc3	All	All
Application	Vmware	Spring Framework	All	All	All	All
Application	Vmware	Spring Framework	5.1.0	-	All	All
Application	Vmware	Spring Framework	5.1.0	rc1	All	All
Application	Vmware	Spring Framework	5.1.0	rc2	All	All
Application	Vmware	Spring Framework	5.1.0	rc3	All	All

cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*:
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.5.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_policy_management:12.5.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:healthcare_master_person_index:4.0.2:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_calculation_engine:*:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.4:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.2.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_rules_palette:10.2.4:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_rules_palette:11.1.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:insurance_rules_palette:11.2.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_assortment_planning:15.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_assortment_planning:16.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_bulk_data_integration:16.0.3.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_financial_integration:15.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_financial_integration:16.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_integration_bus:15.0.3:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_integration_bus:16.0.3:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_predictive_application_server:14.0.3:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment:*:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*:
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:*:*:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:-:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:rc1:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:rc2:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:rc3:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:*:*:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:-:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:rc1:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:rc2:*:*:*:*:*:*:
cpe:2.3:a:pivotal_software:spring_framework:5.1.0:rc3:*:*:*:*:*:*:
cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*:
cpe:2.3:a:vmware:spring_framework:5.1.0:-:*:*:*:*:*:*:
cpe:2.3:a:vmware:spring_framework:5.1.0:rc1:*:*:*:*:*:*:
cpe:2.3:a:vmware:spring_framework:5.1.0:rc2:*:*:*:*:*:*:
cpe:2.3:a:vmware:spring_framework:5.1.0:rc3:*:*:*:*:*:*:

No vendor comments have been submitted for this CVE

Social Mentions

Source	Title	Posted (UTC)