Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-1275

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.

Published

2018-04-11T13:29:00.353

Last Modified

2024-11-21T03:59:31.333

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-94
Type: Secondary
CWE-358

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	vmware	spring_framework	< 4.3.16	Yes
Application	vmware	spring_framework	< 5.0.5	Yes
Application	oracle	application_testing_suite	12.5.0.3	Yes
Application	oracle	application_testing_suite	13.1.0.1	Yes
Application	oracle	application_testing_suite	13.2.0.1	Yes
Application	oracle	application_testing_suite	13.3.0.1	Yes
Application	oracle	big_data_discovery	1.6.0	Yes
Application	oracle	communications_converged_application_server	< 7.0.0.1	Yes
Application	oracle	communications_diameter_signaling_router	< 8.3	Yes
Application	oracle	communications_performance_intelligence_center	< 10.2.1	Yes
Application	oracle	communications_services_gatekeeper	< 6.1.0.4.0	Yes
Application	oracle	goldengate_for_big_data	12.2.0.1	Yes
Application	oracle	goldengate_for_big_data	12.3.1.1	Yes
Application	oracle	goldengate_for_big_data	12.3.2.1	Yes
Application	oracle	health_sciences_information_manager	3.0	Yes
Application	oracle	healthcare_master_person_index	3.0	Yes
Application	oracle	healthcare_master_person_index	4.0	Yes
Application	oracle	insurance_calculation_engine	10.1.1	Yes
Application	oracle	insurance_calculation_engine	10.2	Yes
Application	oracle	insurance_calculation_engine	10.2.1	Yes
Application	oracle	insurance_rules_palette	10.0	Yes
Application	oracle	insurance_rules_palette	10.1	Yes
Application	oracle	insurance_rules_palette	10.2	Yes
Application	oracle	insurance_rules_palette	11.0	Yes
Application	oracle	insurance_rules_palette	11.1	Yes
Application	oracle	primavera_gateway	15.2	Yes
Application	oracle	primavera_gateway	16.2	Yes
Application	oracle	primavera_gateway	17.12	Yes
Application	oracle	retail_customer_insights	15.0	Yes
Application	oracle	retail_customer_insights	16.0	Yes
Application	oracle	retail_open_commerce_platform	5.3.0	Yes
Application	oracle	retail_open_commerce_platform	6.0.0	Yes
Application	oracle	retail_open_commerce_platform	6.0.1	Yes
Application	oracle	retail_order_broker	5.1	Yes
Application	oracle	retail_order_broker	5.2	Yes
Application	oracle	retail_order_broker	15.0	Yes
Application	oracle	retail_order_broker	16.0	Yes
Application	oracle	retail_predictive_application_server	14.0	Yes
Application	oracle	retail_predictive_application_server	14.1	Yes
Application	oracle	retail_predictive_application_server	15.0	Yes
Application	oracle	retail_predictive_application_server	16.0	Yes
Application	oracle	service_architecture_leveraging_tuxedo	12.1.3.0.0	Yes
Application	oracle	service_architecture_leveraging_tuxedo	12.2.2.0.0	Yes
Application	oracle	tape_library_acsls	8.4	Yes

References

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch, Third Party Advisory ([email protected])
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch, Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/103771 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1041301 Third Party Advisory, VDB Entry ([email protected])
https://access.redhat.com/errata/RHSA-2018:1320 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2018:2939 Third Party Advisory ([email protected])
https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E ([email protected])
https://pivotal.io/security/cve-2018-1275 Vendor Advisory ([email protected])
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory ([email protected])
https://www.oracle.com/security-alerts/cpuoct2021.html Third Party Advisory ([email protected])
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch, Third Party Advisory ([email protected])
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch, Third Party Advisory ([email protected])
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/103771 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1041301 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:1320 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:2939 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://pivotal.io/security/cve-2018-1275 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpuoct2021.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)