The base directory (spring.cloud.config.server.git.basedir) used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use (TOCTOU) attacks.
Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater.
Weakness
The product checks the state of a resource before using that resource, but the resource’s state can change between the check and the use in a way that invalidates the results of the check.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Spring_cloud_config | Vmware | 3.1.0 (including) | 3.1.14 (excluding) |
| Spring_cloud_config | Vmware | 4.1.0 (including) | 4.1.10 (excluding) |
| Spring_cloud_config | Vmware | 4.2.0 (including) | 4.2.7 (excluding) |
| Spring_cloud_config | Vmware | 4.3.0 (including) | 4.3.3 (excluding) |
| Spring_cloud_config | Vmware | 5.0.0 (including) | 5.0.3 (excluding) |