CVE-2022-31691 - OpenCVE

Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Vmware	Bosh Editor Cloudfoundry Manifest Yml Support Concourse Ci Pipeline Editor Spring Tools Spring Boot Tools

Configuration 1 [-]

OR	cpe:2.3:a:vmware:bosh_editor::::::::
	cpe:2.3:a:vmware:cloudfoundry_manifest_yml_support::::::::
	cpe:2.3:a:vmware:concourse_ci_pipeline_editor::::::::
	cpe:2.3:a:vmware:spring_boot_tools::::::::
	cpe:2.3:a:vmware:spring_tools::::::eclipse::*

References

Link	Resource
https://tanzu.vmware.com/security/cve-2022-31691	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: vmware

Published: 2022-11-04T00:00:00

Updated: 2022-11-04T00:00:00

Reserved: 2022-05-25T00:00:00

Link: CVE-2022-31691

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-11-04T19:15:10.910

Modified: 2023-08-08T14:21:49.707

Link: CVE-2022-31691

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:bosh_editor:*:*:*:*:*:*:*:*", "matchCriteriaId": "E51129A1-C75D-4542-AB8C-CBC392685513", "versionEndExcluding": "1.40.0", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:cloudfoundry_manifest_yml_support:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A278C4E-968F-4E42-A628-33CD42DF2CE4", "versionEndExcluding": "1.40.0", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:concourse_ci_pipeline_editor:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3A26C96-2373-4883-A6F9-CE65180B1698", "versionEndExcluding": "1.40.0", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_boot_tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "6425FB98-BAF2-4076-9504-224B12AD7FF7", "versionEndExcluding": "1.40.0", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_tools:*:*:*:*:*:eclipse:*:*", "matchCriteriaId": "80186DC8-99BD-49DD-9940-3CA80857028D", "versionEndExcluding": "4.16.1", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker."}, {"lang": "es", "value": "Spring Tools 4 para Eclipse versi\u00f3n 4.16.0 y siguientes, as\u00ed como extensiones VSCode como Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor y Cloudfoundry Manifest YML Support versi\u00f3n 1.39.0 y siguientes utilizan la librer\u00eda Snakeyaml para admitir la edici\u00f3n YAML. Esta librer\u00eda permite una sintaxis especial en YAML que, en determinadas circunstancias, permite que el atacante ejecute c\u00f3digo remoto potencialmente da\u00f1ino."}], "id": "CVE-2022-31691", "lastModified": "2023-08-08T14:21:49.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-04T19:15:10.910", "references": [{"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://tanzu.vmware.com/security/cve-2022-31691"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}