GHSA-q5j9-f95w-f4pr: TERASOLUNA Server Framework vulnerable to ClassLoader manipulation

TERASOLUNA Server Framework vulnerable to ClassLoader manipulation

Critical severity GitHub Reviewed Published Dec 5, 2022 • Updated Dec 5, 2022

Package

maven org.terasoluna.gfw:terasoluna-gfw-common (Maven)

Affected versions

< 5.7.1.SP1.RELEASE

Patched versions

5.7.1.SP1.RELEASE

Description

TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application.

When using TERASOLUNA Global Framework 1.0.0 (Public review version), update to TERASOLUNA Server Framework for Java 5.7.1.SP1 (using Spring Framework 5.3.18). This vulnerability alone can be addressed by updating to TERASOLUNA Global Framework 1.0.1 (using Spring Framework 3.2.10) or later.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-43484
• https://jvn.jp/en/jp/JVN54728399/index.html
• https://osdn.net/projects/terasoluna/wiki/cve-2022-43484
• http://terasolunaorg.github.io/vulnerability/cve-2022-43484.html

Severity

Critical

9.8

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses

CWE-20

CVE ID

CVE-2022-43484

GHSA ID

GHSA-q5j9-f95w-f4pr

Source code

terasolunaorg/terasoluna-gfw

Checking history

See something to contribute? Suggest improvements for this vulnerability.