CVE-2018-1196

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-1196

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1196.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1196

Aliases

GHSA-xx65-cc7g-9pfp

Published

2018-03-19T18:29:00Z

Modified

2025-02-19T00:18:37Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and take ownership of any file on the same system. In order to instigate the attack, the application must be installed as a service and the "runuser" requires shell access to the server. Spring Boot application that are not installed as a service, or are not using the embedded launch script are not susceptible.

References

https://pivotal.io/security/cve-2018-1196

Affected packages

Git / github.com/spring-projects/spring-boot

Affected ranges

Type: GIT
Repo: https://github.com/spring-projects/spring-boot
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

14563ef24c6a5ef0658af60a489466dbe5e5910c

Last affected

1c02e9e1eafa19ff7753d56105ed1f6fad5d2b9d

Last affected

1e8b9569d3a3900a0ed61712099823ad735b8078

Last affected

5482bae289df99722a607275e07a238447d2becd

Last affected

75eb17fafc78cb843d3983e376e5f64078135830

Last affected

95df4859a54c63652a0b455b8d6c8133d4c0091a

Last affected

a3871adf3aa6f5499213ef026f84899b9cd38b65

Last affected

a9503abb94b203a717527b81a94dc9d3cb4b1afa