Headline
GHSA-q5j9-f95w-f4pr: TERASOLUNA Server Framework vulnerable to ClassLoader manipulation
TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application.
When using TERASOLUNA Global Framework 1.0.0 (Public review version), update to TERASOLUNA Server Framework for Java 5.7.1.SP1 (using Spring Framework 5.3.18). This vulnerability alone can be addressed by updating to TERASOLUNA Global Framework 1.0.1 (using Spring Framework 3.2.10) or later.
TERASOLUNA Server Framework vulnerable to ClassLoader manipulation
Critical severity GitHub Reviewed Published Dec 5, 2022 • Updated Dec 5, 2022
Package
maven org.terasoluna.gfw:terasoluna-gfw-common (Maven)
Affected versions
< 5.7.1.SP1.RELEASE
Patched versions
5.7.1.SP1.RELEASE
Description
TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application.
When using TERASOLUNA Global Framework 1.0.0 (Public review version), update to TERASOLUNA Server Framework for Java 5.7.1.SP1 (using Spring Framework 5.3.18). This vulnerability alone can be addressed by updating to TERASOLUNA Global Framework 1.0.1 (using Spring Framework 3.2.10) or later.
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-43484
- https://jvn.jp/en/jp/JVN54728399/index.html
- https://osdn.net/projects/terasoluna/wiki/cve-2022-43484
- http://terasolunaorg.github.io/vulnerability/cve-2022-43484.html
Severity
Critical
9.8
/ 10
CVSS base metrics
Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-20
CVE ID
CVE-2022-43484
GHSA ID
GHSA-q5j9-f95w-f4pr
Source code
terasolunaorg/terasoluna-gfw
Checking history
See something to contribute? Suggest improvements for this vulnerability.
Related news
TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application.