CVE-2020-5398

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
Weakness: Cross-site Scripting
Severity: HIGH
CVSS 3.x vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
Base Score (CVSS 3.x):
EPSS Score: percentile 97%
Vendor | Product | Version
vmware | spring_framework | 5.0.0 ≤ x < 5.0.16
vmware | spring_framework | 5.1.0 ≤ x < 5.1.13
vmware | spring_framework | 5.2.0 ≤ x < 5.2.3
oracle | application_testing_suite | 13.3.0.1
oracle | communications_billing_and_revenue_management_elastic_charging_engine | 11.3
oracle | communications_billing_and_revenue_management_elastic_charging_engine | 12.0
oracle | communications_cloud_native_core_policy | 1.5.0
oracle | communications_diameter_signaling_router | 8.0.0 ≤ x ≤ 8.2.2
oracle | communications_element_manager | 8.1.1
oracle | communications_element_manager | 8.2.0
oracle | communications_element_manager | 8.2.1
oracle | communications_policy_management | 12.5.0
oracle | communications_session_report_manager | 8.1.1
oracle | communications_session_report_manager | 8.2.0
oracle | communications_session_report_manager | 8.2.1
oracle | communications_session_route_manager | 8.1.1
oracle | communications_session_route_manager | 8.2.0
oracle | communications_session_route_manager | 8.2.1
oracle | enterprise_manager_base_platform | 13.2.1.0
oracle | financial_services_regulatory_reporting_with_agilereporter | 8.0.9.2.0
oracle | flexcube_private_banking | 12.0.0
oracle | flexcube_private_banking | 12.1.0
oracle | healthcare_master_person_index | 4.0.2
oracle | insurance_calculation_engine | 11.0.0 ≤ x ≤ 11.3.1
oracle | insurance_policy_administration_j2ee | 10.2.0
oracle | insurance_policy_administration_j2ee | 10.2.4
oracle | insurance_policy_administration_j2ee | 11.0.2
oracle | insurance_policy_administration_j2ee | 11.1.0
oracle | insurance_policy_administration_j2ee | 11.2.0
oracle | insurance_policy_administration_j2ee | 11.2.2.0
oracle | insurance_rules_palette | 10.2.0
oracle | insurance_rules_palette | 10.2.4
oracle | insurance_rules_palette | 11.0.2
oracle | insurance_rules_palette | 11.1.0
oracle | insurance_rules_palette | 11.2.0
oracle | mysql | 4.0.0 ≤ x ≤ 4.0.12
oracle | mysql | 8.0.0 ≤ x ≤ 8.0.20
oracle | rapid_planning | 12.1
oracle | rapid_planning | 12.2
oracle | retail_assortment_planning | 15.0
oracle | retail_assortment_planning | 16.0
oracle | retail_back_office | 14.1
oracle | retail_bulk_data_integration | 16.0.3.0
oracle | retail_central_office | 14.1
oracle | retail_financial_integration | 15.0
oracle | retail_financial_integration | 16.0
oracle | retail_integration_bus | 15.0.3
oracle | retail_integration_bus | 16.0.3
oracle | retail_order_broker | 15.0
oracle | retail_order_broker | 16.0
oracle | retail_point-of-service | 14.1
oracle | retail_predictive_application_server | 14.0.3
oracle | retail_predictive_application_server | 14.1.3.0
oracle | retail_predictive_application_server | 15.0.3
oracle | retail_predictive_application_server | 16.0.3.0
oracle | retail_returns_management | 14.1
oracle | retail_service_backbone | 15.0
oracle | retail_service_backbone | 16.0
oracle | siebel_engineering_-_installer_&_deployment | x ≤ 2.1.1
oracle | weblogic_server | 12.2.1.3.0
oracle | weblogic_server | 12.2.1.4.0
netapp | data_availability_services | -
netapp | snapcenter | -

x = vulnerable software version
Debian Releases

Debian Product: libspring-java
Codename | Version | Status
bullseye | 4.3.30-1 | fixed
sid | 4.3.30-2 | fixed
trixie | 4.3.30-2 | fixed
bookworm | 4.3.30-2 | fixed
Ubuntu Releases

Ubuntu Product: libspring-java
Codename | Status
noble | needs-triage
mantic | ignored
lunar | ignored
kinetic | ignored
jammy | needs-triage
impish | ignored
hirsute | ignored
groovy | ignored
focal | needs-triage
eoan | ignored
disco | ignored
bionic | needs-triage
xenial | needs-triage
trusty | needs-triage
References