2025-04-05 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
Many newcomers are unclear about how a Content-Disposition header set by Spring MVC or Spring WebFlux can expose an application to a reflected file download (RFD) attack. To help with that, this article explains the issue in detail; readers who need this can follow along, and I hope you gain something from it.
0x00 Vulnerability background
On January 17, 2020, 360CERT observed that Spring had officially published an advisory for CVE-2020-5398, rated high severity.
In Spring Framework 5.2.x before 5.2.3, 5.1.x before 5.1.13, and 5.0.x before 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" response header whose filename attribute is derived from user-supplied input.
360CERT assesses the severity as high and the affected population as large. Users of Spring MVC or Spring WebFlux are advised to install the latest patches promptly to avoid exploitation.
0x01 Vulnerability details
The application is vulnerable when all of the following conditions are met:
1. The response header is added through org.springframework.http.ContentDisposition.
2. The file name is set in one of the following ways:
ContentDisposition.Builder#filename(String)
ContentDisposition.Builder#filename(String, US_ASCII)
3. The value of filename comes from user-supplied input.
4. The application does not sanitize the user-supplied input.
5. The attacker has injected malicious commands into the downloaded response.
0x02 Affected versions
Spring Framework:
5.2.0 to 5.2.2
5.1.0 to 5.1.12
5.0.0 to 5.0.15
0x03 Remediation advice
1. It is recommended that 5.2.x users upgrade to 5.2.3,
5.1.x users upgrade to 5.1.13, and
5.0.x users upgrade to 5.0.16.
2. Alternatively, use a safe configuration, meaning any one of the following holds:
① The application does not set a "Content-Disposition" response header.
② The response header is not added through org.springframework.http.ContentDisposition.
③ The file name is set in one of the following ways:
ContentDisposition.Builder#filename(String, UTF_8)
ContentDisposition.Builder#filename(String, ISO_8859_1)
④ The value of filename does not come from user-supplied input.
⑤ The value of filename comes from user-supplied input but is sanitized by the application.
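As an added illustration (not code from this article or from the Spring project), the controller below shows the vulnerable pattern from 0x01 next to a version that satisfies points ③ and ⑤ above. The class name, endpoint paths and the allow-list sanitizer are assumptions made for the example.

```java
import java.nio.charset.StandardCharsets;
import java.util.regex.Pattern;
import org.springframework.http.ContentDisposition;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

// Hypothetical controller for illustration only.
@RestController
public class ExportController {

    // Vulnerable on the affected versions: filename(String) receives an
    // unsanitized user-supplied value (conditions 1-4 of 0x01). A quote in
    // `name` can end the filename parameter early, so the remainder of the
    // value can alter the name the browser saves the response under.
    @GetMapping("/export/unsafe")
    public ResponseEntity<String> unsafe(@RequestParam String name) {
        ContentDisposition cd = ContentDisposition.builder("attachment")
                .filename(name)            // the (String) variant
                .build();
        return ResponseEntity.ok()
                .header(HttpHeaders.CONTENT_DISPOSITION, cd.toString())
                .contentType(MediaType.TEXT_PLAIN)
                .body("export for " + name);
    }

    // Allow-list sanitizer (point ⑤): quotes, backslashes, ';', control
    // characters and path separators never reach the header.
    private static final Pattern SAFE_NAME = Pattern.compile("[A-Za-z0-9._-]{1,64}");

    static String sanitizeFilename(String name) {
        return (name != null && SAFE_NAME.matcher(name).matches()) ? name : "download.txt";
    }

    // Hardened: the sanitized value goes to filename(String, Charset) with UTF-8
    // (point ③), which Spring emits as a percent-encoded filename*= parameter.
    @GetMapping("/export/safe")
    public ResponseEntity<String> safe(@RequestParam String name) {
        String fileName = sanitizeFilename(name);
        HttpHeaders headers = new HttpHeaders();
        headers.setContentDisposition(ContentDisposition.builder("attachment")
                .filename(fileName, StandardCharsets.UTF_8).build());
        return ResponseEntity.ok().headers(headers)
                .contentType(MediaType.TEXT_PLAIN)
                .body("export for " + fileName);
    }
}
```

Rejecting anything outside the allow-list is simpler to reason about than escaping, and the UTF-8 builder variant gives a second, independent layer even if the sanitizer is later loosened.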