CVE-2025-8738
📋 TL;DR
This vulnerability in zlt2000 microservices-platform exposes sensitive information through the Spring Actuator endpoint. Attackers can remotely access internal system details without authentication, affecting all deployments using versions up to 6.0.0.
💻 Affected Systems
- zlt2000 microservices-platform
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete exposure of sensitive configuration data, credentials, environment variables, and internal metrics leading to further system compromise.
Likely Case
Disclosure of internal system information, configuration details, and metrics that could aid attackers in reconnaissance for further attacks.
If Mitigated
Limited exposure of non-critical information with proper access controls and endpoint restrictions in place.
🎯 Exploit Status
Exploit details are publicly available in GitHub issues, making this easily exploitable by attackers with basic knowledge.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version 6.0.1 or later
Vendor Advisory: https://github.com/zlt2000/microservices-platform/issues/79
Restart Required: Yes
Instructions:
1. Update to version 6.0.1 or later.
2. Review and secure Spring Actuator endpoints.
3. Restart the application.
🔧 Temporary Workarounds
Disable or Secure Actuator Endpoints
Restrict access to /actuator endpoints through authentication, or disable them in production. Note that in Spring Boot the exclude property takes precedence over include, so the two settings below are alternatives, not a pair: combining include=health,info with exclude=* exposes nothing at all.
Expose only the non-sensitive endpoints:
management.endpoints.web.exposure.include=health,info
Or expose no actuator endpoints over HTTP:
management.endpoints.web.exposure.exclude=*
Add Spring Security to protect any actuator endpoints that remain exposed.
Network Access Controls
Restrict network access to actuator endpoints using firewalls or network policies. The rules below are evaluated in order, so the ACCEPT rule for trusted sources must come before the DROP rule.
iptables -A INPUT -p tcp --dport [app-port] -s [trusted-ips] -j ACCEPT
iptables -A INPUT -p tcp --dport [app-port] -j DROP
🧯 If You Can't Patch
- Implement strict network segmentation and firewall rules to block external access to actuator endpoints
- Enable authentication and authorization for all actuator endpoints using Spring Security
🔍 How to Verify
Check if Vulnerable:
Attempt to access http://[target]:[port]/actuator without authentication. If it returns system information, the system is vulnerable.
Check Version:
Check application version in pom.xml or build configuration, or use: java -jar [app].jar --version
Verify Fix Applied:
After patching, verify that accessing /actuator endpoints requires authentication or returns 404/403 errors.
📡 Detection & Monitoring
Log Indicators:
- Unauthorized access attempts to /actuator endpoints
- Increased traffic to actuator paths
- 403/401 errors from actuator endpoints
Network Indicators:
- Unusual GET requests to /actuator/* paths
- Traffic to actuator endpoints from unexpected sources
SIEM Query:
source="web_logs" AND (url_path="/actuator" OR url_path CONTAINS "/actuator/") AND response_code=200
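The SIEM query above flags any 200 response on an actuator path; the script below is an added example (not part of this advisory) that applies the same logic to access-log lines and also tallies the 401/403 probe indicators listed under Log Indicators. The log lines are constructed samples, and the allowlist of health and info mirrors the include setting from the workaround section.

```python
import re
from collections import Counter

# Constructed sample access log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Oct/2025:12:00:01 +0000] "GET /actuator HTTP/1.1" 200 1843 "-" "curl/8.4.0"
203.0.113.10 - - [10/Oct/2025:12:00:02 +0000] "GET /actuator/env HTTP/1.1" 200 9120 "-" "curl/8.4.0"
198.51.100.7 - - [10/Oct/2025:12:00:05 +0000] "GET /actuator/health HTTP/1.1" 200 15 "-" "kube-probe/1.29"
203.0.113.10 - - [10/Oct/2025:12:00:09 +0000] "GET /actuator/heapdump HTTP/1.1" 401 0 "-" "curl/8.4.0"
192.0.2.44 - - [10/Oct/2025:12:01:00 +0000] "GET /api/user/list HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# ip, timestamp, method, path and status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Endpoints intentionally left exposed (include=health,info); anything else
# under /actuator answering 200 without auth is treated as sensitive exposure.
ALLOWED_ACTUATOR = {"/actuator/health", "/actuator/info"}


def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]  # drop query string
    return rec


def is_actuator(path):
    return path == "/actuator" or path.startswith("/actuator/")


def analyze(log_text):
    """Return (alerts, probes): alerts lists (ip, path) for successful hits on
    non-allowlisted actuator paths; probes counts 401/403 actuator responses per ip."""
    alerts, probes = [], Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not is_actuator(rec["path"]):
            continue
        if rec["status"] == 200 and rec["path"] not in ALLOWED_ACTUATOR:
            alerts.append((rec["ip"], rec["path"]))
        elif rec["status"] in (401, 403):
            probes[rec["ip"]] += 1
    return alerts, probes
```

Feed real access logs to analyze() instead of SAMPLE_LOG; an alert on /actuator/env or /actuator/heapdump from an external source is the signal the Worst Case section describes.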