RCE in Codecentric Spring_boot_admin

CVE-2023-38286

Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code executi…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.009 (54.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2023-38286?
CVE-2023-38286 is a high-severity vulnerability in Codecentric Spring_boot_admin, classified under Command Injection. CVSS score: 7.5/10. Published 2023-07-14.
How severe is CVE-2023-38286?
High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2023-38286 known to be exploited?
4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.