Description

Nepxion Discovery is a solution for Spring Cloud. Discover is vulnerable to SpEL Injection in discovery-commons. DiscoveryExpressionResolver’s eval method is evaluating expression with a StandardEvaluationContext, allowing the expression to reach and interact with Java classes such as java.lang.Runtime, leading to Remote Code Execution. There is no patch available for this issue at time of publication. There are no known workarounds.

Remediation

References

https://securitylab.github.com/advisories/GHSL-2022-033_GHSL-2022-034_Discovery/

Related Vulnerabilities

CVE-2022-3783 Vulnerability in npm package node-red-dashboard

CVE-2023-46494 Vulnerability in npm package @evershop/evershop

CVE-2021-23386 Vulnerability in npm package dns-packet

CVE-2017-16174 Vulnerability in npm package whispercast

CVE-2020-15174 Vulnerability in maven package org.webjars.npm:electron

Severity

Critical

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory NVD-CWE-noinfo