HTTP: VMware Spring Cloud Data Flow Skipper Server YAML Insecure Deserialization
This signature detects attempts to exploit a known vulnerability against VMware Spring Cloud. A successful attack can lead to arbitrary code execution.
Extended Description
In Spring Cloud Data Flow versions prior to 2.11.4,a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server
Affected Products
Vmware spring_cloud_data_flow
References
CVE: CVE-2024-37084
URL: https://blog.securelayer7.net/spring-cloud-skipper-vulnerability/
Short Name
HTTP:CTS:VMWARE-SERVER-YAML-INS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2024-37084 Cloud Data Deserialization Flow Insecure Server Skipper Spring VMware YAML
Release Date
11/11/2024
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3757
False Positive
Unknown
Vendors
Vmware