Cyber Resilience

CVE-2020-5410

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 02 June 2020
Modified: 03 November 2025
KEV Added: 25 March 2022
Patch
CVSS Score (v3.1): 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.9431 (100.0th percentile)
Risk Priority: 92 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2020-5410 is a high-severity Relative Path Traversal (CWE-23) vulnerability in VMware Spring Cloud Config. Its CVSS base score is 7.5 (High).

Operationally, it ranks in the top 0.0% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

Spring Cloud Config versions 2.2.x prior to 2.2.3, 2.1.x prior to 2.1.9, and older unsupported releases are affected by a directory traversal vulnerability in the spring-cloud-config-server module. The flaw allows the server to expose arbitrary configuration files when processing requests, and is classified under CWE-22 and CWE-23. The CVSS 3.1 base score of 7.5 reflects a network-reachable, unauthenticated attack with high confidentiality impact and no integrity or availability impact.

An unauthenticated attacker can exploit the issue by submitting a request containing a specially crafted URL path. Successful traversal grants read access to files outside the intended configuration directories, enabling disclosure of sensitive application data stored on the server.

The VMware Tanzu security advisory at the referenced URL details the affected versions and remediation steps, while CISA lists CVE-2020-5410 in its catalog of known exploited vulnerabilities, confirming observed in-the-wild attacks.

EU & UK References

Vulnerability details

Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.

CWE(s): CWE-22, CWE-23
KEV Date Added: 25 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

VMware Spring Cloud Config: 2.1.0 — 2.1.9 · 2.2.0 — 2.2.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

- Prevent: Directly enforces access restrictions so the config server cannot return files outside the intended directories via crafted paths.
- Prevent: Requires validation of URL path input to reject directory traversal sequences such as '../' before they reach the config server.
- Prevent: Enforces information-flow rules that limit which files may be disclosed, blocking the unauthorized read access granted by the traversal flaw.
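The input-validation and access-enforcement controls above, as an added illustration that is not code from Spring Cloud Config, from the advisory, or from this page: a path check that unmasks percent-encoded '..' segments and then confirms the normalised path still lies under the configuration root, run over constructed access-log lines to flag requests that fail it. The repository root, log format and request paths are assumptions constructed for the example.

```python
import posixpath
from urllib.parse import unquote

# Constructed for this illustration: a repository root a config server might
# serve from, and three Common Log Format access-log lines (two crafted paths).
CONFIG_ROOT = "/srv/config-repo"
SAMPLE_LOG = """\
10.0.0.5 - - [02/Jun/2020:10:00:01 +0000] "GET /app/default/master/application.yml HTTP/1.1" 200 512
10.0.0.9 - - [02/Jun/2020:10:00:07 +0000] "GET /app/default/master/..%2F..%2Fsecrets%2Fdb.yml HTTP/1.1" 200 301
10.0.0.9 - - [02/Jun/2020:10:00:09 +0000] "GET /app/default/master/%252e%252e/%252e%252e/secrets/db.yml HTTP/1.1" 200 301
"""

def decode_fully(path: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so a double-encoded '..' (%252e%252e) is unmasked."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def resolve_under_root(requested: str, root: str = CONFIG_ROOT):
    """Map a requested path onto root; return None if it would escape root.

    First guard (input validation): reject raw or encoded '..' segments,
    backslash separators and NUL bytes. Second guard (access enforcement):
    normalise the joined path and require that it still lies at or beneath root.
    """
    decoded = decode_fully(requested).replace("\\", "/")
    if "\x00" in decoded or ".." in decoded.split("/"):
        return None
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate

def flag_traversal_requests(log_text: str):
    """Return (client_ip, raw_path) for every log line whose path fails the check."""
    hits = []
    for line in log_text.splitlines():
        try:
            client_ip = line.split(" ", 1)[0]
            raw_path = line.split('"')[1].split(" ")[1]
        except IndexError:
            continue  # malformed line: skip rather than crash the scan
        if resolve_under_root(raw_path) is None:
            hits.append((client_ip, raw_path))
    return hits
```

Running `flag_traversal_requests(SAMPLE_LOG)` returns the two crafted requests from 10.0.0.9 and leaves the ordinary application.yml fetch unflagged.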

References