CVE-2022-46166
published 2022-12-09CVE-2022-46166: Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server…
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.44%
69.8th percentile
Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on `/env` actuator endpoint.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codecentric | spring-boot-admin | < 2.6.10 | 2.6.10 |
| codecentric | spring_boot_admin | < 2.6.10 | 2.6.10 |
| codecentric | spring_boot_admin | — | — |
| codecentric | spring_boot_admin | >= 2.7.0 < 2.7.8 | 2.7.8 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Spring Boot Admins integrated notifier support allows arbitrary code execution
ghsa·2022-12-09
CVE-2022-46166 [HIGH] CWE-94 Spring Boot Admins integrated notifier support allows arbitrary code execution
Spring Boot Admins integrated notifier support allows arbitrary code execution
### Impact
All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are possibly affected.
### Patches
In the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 the issue is fixed by implementing `SimpleExecutionContext` of SpEL. This prevents the arbitrary code execution (i.e. SpEL injection).
### Workarounds
* Disable any notifier
* Disable write access (POST request) on `/env` actuator endpoint
OSV
Spring Boot Admins integrated notifier support allows arbitrary code execution
osv·2022-12-09
CVE-2022-46166 [HIGH] Spring Boot Admins integrated notifier support allows arbitrary code execution
Spring Boot Admins integrated notifier support allows arbitrary code execution
### Impact
All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are possibly affected.
### Patches
In the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 the issue is fixed by implementing `SimpleExecutionContext` of SpEL. This prevents the arbitrary code execution (i.e. SpEL injection).
### Workarounds
* Disable any notifier
* Disable write access (POST request) on `/env` actuator endpoint
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/codecentric/spring-boot-admin/commit/c14c3ec12533f71f84de9ce3ce5ceb7991975f75https://github.com/codecentric/spring-boot-admin/security/advisories/GHSA-w3x5-427h-wfq6https://github.com/codecentric/spring-boot-admin/commit/c14c3ec12533f71f84de9ce3ce5ceb7991975f75https://github.com/codecentric/spring-boot-admin/security/advisories/GHSA-w3x5-427h-wfq6
2022-12-09
Published