{ "threat_severity" : "Moderate", "public_date" : "2016-12-21T00:00:00Z", "bugzilla" : { "description" : "Framework: Directory Traversal in the Spring Framework ResourceServlet", "id" : "1408164", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1408164" }, "cvss" : { "cvss_base_score" : "6.8", "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status" : "verified" }, "cvss3" : { "cvss3_base_score" : "5.6", "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "status" : "verified" }, "cwe" : "CWE-22", "details" : [ "An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.", "It was found that ResourceServlet in Spring Framework does not sanitize the paths that have been provided properly. An attacker can utilize this flaw to conduct a directory traversal attacks." ], "affected_release" : [ { "product_name" : "Red Hat JBoss A-MQ 6.3", "release_date" : "2017-11-02T00:00:00Z", "advisory" : "RHSA-2017:3115", "cpe" : "cpe:/a:redhat:jboss_amq:6.3" }, { "product_name" : "Red Hat JBoss Fuse 6.3", "release_date" : "2017-11-02T00:00:00Z", "advisory" : "RHSA-2017:3115", "cpe" : "cpe:/a:redhat:jboss_fuse:6.3" } ], "package_state" : [ { "product_name" : "Red Hat BPM Suite 6", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform" }, { "product_name" : "Red Hat Enterprise Virtualization 3", "fix_state" : "Under investigation", "package_name" : "jasperreports-server-pro", "cpe" : "cpe:/a:redhat:enterprise_linux:7::hypervisor" }, { "product_name" : "Red Hat JBoss A-MQ 6", "fix_state" : "Affected", "package_name" : "karaf", "cpe" : "cpe:/a:redhat:jboss_amq:6" }, { "product_name" : "Red Hat JBoss BRMS 6", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:6" }, { "product_name" : "Red Hat JBoss Data Virtualization 6", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:jboss_data_virtualization:6" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 5", "fix_state" : "Will not fix", "package_name" : "spring-webmvc", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:5" }, { "product_name" : "Red Hat JBoss Fuse 6", "fix_state" : "Affected", "package_name" : "karaf", "cpe" : "cpe:/a:redhat:jboss_fuse:6" }, { "product_name" : "Red Hat Mobile Application Platform 4", "fix_state" : "Not affected", "package_name" : "millicore", "cpe" : "cpe:/a:redhat:mobile_application_platform:4" }, { "product_name" : "Red Hat OpenShift Enterprise 2", "fix_state" : "Not affected", "package_name" : "activemq", "cpe" : "cpe:/a:redhat:openshift:2" }, { "product_name" : "Red Hat OpenShift Enterprise 2", "fix_state" : "Affected", "package_name" : "cartridge-amq", "cpe" : "cpe:/a:redhat:openshift:2" }, { "product_name" : "Red Hat OpenShift Enterprise 2", "fix_state" : "Affected", "package_name" : "cartridge-fuse", "cpe" : "cpe:/a:redhat:openshift:2" }, { "product_name" : "Red Hat OpenShift Enterprise 2", "fix_state" : "Under investigation", "package_name" : "jenkins", "cpe" : "cpe:/a:redhat:openshift:2" }, { "product_name" : "Red Hat Storage 3", "fix_state" : "Will not fix", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:storage:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-9878\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-9878\nhttps://pivotal.io/security/cve-2016-9878" ], "name" : "CVE-2016-9878", "csaw" : false }