Spring Boot Actuator Sensitive Endpoints Detected

Medium | Web App Scanning | Plugin ID 113205

Synopsis

Spring Boot Actuator Sensitive Endpoints Detected

Description

Spring Boot Actuator endpoints let you monitor and interact with your application. Spring Boot includes a number of built-in endpoints and lets you add your own. For example, the 'health' endpoint provides basic application health information. Some endpoints, however, are considered sensitive: when they are exposed over HTTP without authentication, a remote, unauthenticated attacker can read configuration and environment data (including property values that may hold credentials), download a heap dump containing in-memory secrets, or trigger operations such as a restart or shutdown.

Solution

Disable endpoints the application does not need, and do not make the sensitive ones ('env', 'configprops', 'heapdump', 'restart', 'shutdown') externally accessible. Where an endpoint must remain reachable, restrict it to known IP addresses, for example by serving the actuator on a separate management port bound to an internal interface and placing it behind authentication.
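The following application.properties fragment is an added example of that remediation; it is not configuration taken from the plugin page or from the Spring Boot project. The property names are the documented Spring Boot Actuator ones; the weak settings appear commented out beside the hardened ones, and the port, bind address and base path are assumed values to be adapted to the deployment.

```properties
# Added example: hardened Spring Boot Actuator configuration (application.properties).
# Property names are Spring Boot's documented ones; port/address/base-path are assumptions.

# --- Weak settings this plugin flags (left commented out; do not use) ---
# Exposes every endpoint, including env, configprops, heapdump and shutdown,
# on the main application port with no authentication:
# management.endpoints.web.exposure.include=*
# management.endpoint.shutdown.enabled=true

# --- Hardened settings ---
# 1. Opt in rather than opt out: disable every endpoint, then enable only what is needed.
#    (Spring Boot 3.4 and later replace this switch with management.endpoints.access.default=none.)
management.endpoints.enabled-by-default=false
management.endpoint.health.enabled=true
management.endpoint.info.enabled=true

# 2. Map only the allow-listed endpoints to URLs. Everything else, including the
#    sensitive endpoints, gets no HTTP route at all.
management.endpoints.web.exposure.include=health,info
# 'exclude' takes precedence over 'include', so this keeps the sensitive endpoints
# off the web even if someone widens 'include' later. 'restart' is a Spring Cloud endpoint.
management.endpoints.web.exposure.exclude=env,configprops,heapdump,restart,shutdown

# 3. Do not reveal health component details (disk paths, datasource URLs) to anonymous callers.
management.endpoint.health.show-details=never

# 4. Serve the actuator on its own port bound to loopback (assumed values) so that only a
#    local reverse proxy or an internal monitoring host can reach it; firewall rules or
#    network ACLs then limit that path to known IP addresses.
management.server.port=8081
management.server.address=127.0.0.1
management.endpoints.web.base-path=/actuator
```

After applying the change, confirm it from outside the host: a request to /actuator/env, /actuator/configprops or /actuator/heapdump on the public port should no longer return 200 with a JSON or binary body, and the management port should not be reachable from external addresses at all.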

See Also

https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints.enabling

Plugin Details

Severity: Medium

ID: 113205

Type: remote

Published: 3/24/2022

Updated: 3/13/2023

Scan Template: api, basic, full, pci, scan

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: Tenable

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS Score Source: Tenable

Reference Information