CVE-2024-37084 - Spring Cloud Data Flow File System Write Enable Vuln
CVE ID : CVE-2024-37084 Published : July 25, 2024, 10:15 a.m. | 1 hour, 44 minutes ago Description : In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-37084
Published : July 25, 2024, 10:15 a.m. | 1 hour, 44 minutes ago
Description : In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 25, 2024, 10:15 a.m. | 1 hour, 44 minutes ago
Description : In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
