spring-boot-actuator-logview Path Traversal
Description
A path traversal vulnerability exists in spring-boot-actuator-logview versions prior to 0.2.13, a library that provides HTTP endpoints for viewing log files through Spring Boot Actuator. The vulnerability allows attackers to bypass directory traversal protections by manipulating the 'base' parameter in combination with the 'filename' parameter. While the 'filename' parameter is properly validated to prevent traversal attacks, the 'base' parameter lacks sufficient validation, enabling attackers to access files outside the intended logging directory by using requests such as 'filename=somefile&base=../'.
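To illustrate the two validation patterns the description contrasts, here is an added Java example (not code from spring-boot-actuator-logview). It assumes a hypothetical resolver class, LogPathResolver, that receives the 'base' and 'filename' request parameters; resolveWeak checks only 'filename', as the advisory describes, while resolveSafe validates the fully resolved path against the log root:

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added illustration, not the library's own code. LogPathResolver and its
// method names are assumptions; it must only ever return paths under logRoot.
public final class LogPathResolver {
    private final Path logRoot;

    public LogPathResolver(Path logRoot) throws IOException {
        this.logRoot = logRoot.toRealPath();
    }

    // Weak pattern from the advisory: only 'filename' is checked for
    // traversal, so 'base=../' still escapes the log directory.
    public Path resolveWeak(String base, String filename) {
        if (filename.contains("..") || filename.contains("/") || filename.contains("\\")) {
            throw new IllegalArgumentException("traversal in filename");
        }
        return logRoot.resolve(base).resolve(filename);
    }

    // Hardened pattern: combine both parameters, normalize, and require the
    // result to stay inside the log root. Checking the final path covers
    // 'base' and 'filename' at once, including absolute values of 'base'.
    public Path resolveSafe(String base, String filename) throws IOException {
        Path candidate = logRoot.resolve(base).resolve(filename).normalize();
        if (!candidate.startsWith(logRoot)) {
            throw new IllegalArgumentException("path escapes log root");
        }
        // A symlink inside the log directory may point elsewhere; re-check
        // after following links when the file exists.
        if (Files.exists(candidate) && !candidate.toRealPath().startsWith(logRoot)) {
            throw new IllegalArgumentException("symlink escapes log root");
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        Path root = Files.createTempDirectory("logs"); // constructed sample root
        LogPathResolver r = new LogPathResolver(root);
        // Weak check passes the advisory's request and yields a path outside root.
        System.out.println(r.resolveWeak("../", "somefile"));
        try {
            r.resolveSafe("../", "somefile");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Path.startsWith compares whole path components, so a sibling directory such as logs2 does not match a root named logs.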
Remediation
Immediately upgrade spring-boot-actuator-logview to version 0.2.13 or later, which includes a patch for this vulnerability. Update your dependency management configuration as follows:
For Maven, update your pom.xml:
<dependency>
    <groupId>eu.hinsch</groupId>
    <artifactId>spring-boot-actuator-logview</artifactId>
    <version>0.2.13</version>
</dependency>
For Gradle, update your build.gradle:
implementation 'eu.hinsch:spring-boot-actuator-logview:0.2.13'
As an additional security measure, ensure that Spring Boot Actuator endpoints are properly secured with authentication and authorization controls, and restrict access to trusted networks only. If immediate patching is not possible, consider temporarily disabling the logview actuator endpoint until the upgrade can be completed.