Spring Cloud Config Server Arbitrary File Read Vulnerability Security Advisory

Published: 2019-04-18

Vulnerability ID and Severity


CVE ID: CVE-2019-3799; Severity: High; CVSS score: not rated by the vendor


Affected Versions


Spring Cloud Config 2.1.0 to 2.1.1

Spring Cloud Config 2.0.0 to 2.0.3

Spring Cloud Config 1.4.0 to 1.4.5

Other unsupported older versions (e.g. Spring Cloud Config 1.3 and earlier)

Note that for applications built automatically with Maven, if no version of spring-cloud-config-server is specified, the version installed by default is still the insecure spring-cloud-config-server 1.3.0.


Vulnerability Overview


Spring Cloud Config is an open-source distributed system configuration service that provides external configuration support for distributed environments. Spring Cloud Config Server has a path traversal and arbitrary file read vulnerability: a crafted malicious request can directly read arbitrary files on the server, so the impact is significant.


Vulnerability Verification


ÇéÐδ£º https://github.com/spring-cloud/spring-cloud-config#quick-start

GET /foo/default/master/..%252F..%252F..%252F..%252Fetc%252fpasswd HTTP/1.1

Host: localhost:8888


[Screenshot (image watermark: 鉴黑担保网 jhdbw)]



The Spring Cloud Config project is a solution for configuration management in distributed systems. It consists of two parts, Client and Server: the server stores the configuration files and exposes their contents through an interface, and the client fetches that data through the interface and uses it to initialise its own application. Spring Cloud stores configuration files in git or svn, and uses git by default.


ÇéÐδ£º


pom.xml: configure the dependencies




application.yml: configure the address of the remote repository where the configuration files are stored




Startup file




In org/springframework/cloud/config/server/resource/ResourceController.java you can see that the HTTP request format is @RequestMapping("/{name}/{profile}/{label}/**")

name is the application name

profile is the application's configuration profile (environment)

label is the git branch name

** is the specific file name

In actual testing, label only needs to be an existing branch name; git repositories generally have a master branch.

So the generic PoC URL is:

/test/dev/master/..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd




After the parameters are passed in, this.resourceRepository.findOne(name, profile, label, path) is called; it assembles a new path from the repository address in the configuration file and fetches the file content. We step into the findOne method in org.springframework.cloud.config.server.resource.


In findOne, location is the local tmp directory into which the remote git repository was downloaded; it is then concatenated with the path we passed in to form file:/var/folders/2t/2pcjgph96ms9jltyfnm5brr40000gn/T/config-repo-1763575875528585941/..%2F..%2F..%2F..%2F..%2F..%2F.-dev.%2Fetc%2Fpasswd.


The this.resourceLoader.getResource(path) method is the resource-loading method wrapped in spring-core. By default it URL-decodes the address, and the ../../ sequences then consume the preceding tmp path, so the lookup ultimately traverses to an arbitrary path and reads an arbitrary file.
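The path assembly and decoding described above, modelled in Python as an added example (this is not Spring's code): profile_variant reproduces the "-dev" rewrite that yields the ".-dev." fragment, opened_by_loader shows where a decode-then-normalise loader ends up, and safe_join is the containment check a hardened server should apply. REPO_ROOT is the tmp clone path quoted above; POC_PATH is the page's PoC as the controller sees it after the servlet container's first decode (an assumption of the model).

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# The tmp clone directory quoted on the page, used as the repository root.
REPO_ROOT = "/var/folders/2t/2pcjgph96ms9jltyfnm5brr40000gn/T/config-repo-1763575875528585941"
# Constructed from the page's PoC: what the controller sees after the servlet
# container's single decode (%252F has become %2F, the dots are literal).
POC_PATH = "..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"


def profile_variant(path: str, profile: str) -> str:
    """Model (not Spring's code) of findOne's '<stem>-<profile>.<ext>' rewrite.
    The extension is everything after the last '.' that follows the last '/',
    which is what yields the '.-dev.' fragment in the assembled file: URL."""
    slash, dot = path.rfind("/"), path.rfind(".")
    return path if dot <= slash else f"{path[:dot]}-{profile}.{path[dot + 1:]}"


def assemble_vulnerable(path: str, profile: str) -> str:
    """Vulnerable pattern: repository location + caller-supplied path, unchecked."""
    return f"file:{REPO_ROOT}/{profile_variant(path, profile)}"


def opened_by_loader(file_uri: str) -> str:
    """Where a loader that URL-decodes and then collapses '..' actually ends up."""
    return posixpath.normpath(unquote(file_uri[len("file:"):]))


def full_decode(value: str) -> str:
    """Decode until stable, so %252F, %2F and '/' are all treated alike."""
    while (decoded := unquote(value)) != value:
        value = decoded
    return value


def safe_join(root: str, path: str) -> Optional[str]:
    """Hardened lookup: fully decode, reject absolute paths and '..' segments,
    normalise, and require the result to stay under root. None means 404."""
    decoded = full_decode(path)
    if decoded.startswith("/") or "\\" in decoded or ".." in decoded.split("/"):
        return None
    candidate = posixpath.normpath(posixpath.join(root, decoded))
    return candidate if candidate.startswith(root.rstrip("/") + "/") else None


if __name__ == "__main__":
    print(opened_by_loader(f"file:{REPO_ROOT}/{POC_PATH}"))  # /etc/passwd
    print(safe_join(REPO_ROOT, POC_PATH))                      # None
```

The profile-rewritten candidate normalises to a non-existent "/.-dev./etc/passwd", while the plain path normalises to /etc/passwd; safe_join rejects both, as well as the doubly encoded form, after decoding to a fixed point.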


Remediation


Upgrade Spring Cloud Config 2.1.x to 2.1.2, Spring Cloud Config 2.0.x to 2.0.4, and Spring Cloud Config 1.4.x to 1.4.6; upgrade older versions to the designated secure versions. spring-cloud-config-server should be deployed on the internal network and use Spring Security for user authentication.


For the Spring Security configuration, see the official documentation "Securing Spring Cloud Config Server".

https://github.com/spring-cloud/spring-cloud-config/commit/3632fc6f64e567286c42c5a2f1b8142bfde505c2


References


https://pivotal.io/security/cve-2019-3799