Vulnerability-Lookup

CVE-2018-1275 (GCVE-0-2018-1275)

Vulnerability from cvelistv5 – Published: 2018-04-11 13:00 – Updated: 2024-09-17 02:43

Summary

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.

Severity ?

No CVSS data available.

CWE

CWE-94 - - Code Injection

Assigner

dell

References

URL

	Vendor	Product	Version
	Spring by Pivotal	Spring Framework	Affected: Versions prior to 5.0.5 and 4.3.16

CERTFR-2019-AVI-023

Vulnerability from certfr_avis - Published: 2019-01-16 - Updated: 2019-01-16

De multiples vulnérabilités ont été découvertes dans Oracle Sun Systems. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Tape Library ACSLS version 8.4
Oracle	N/A	Sun ZFS Storage Appliance Kit (AK) versions antérieures à 8.8.2
Oracle	N/A	Oracle Solaris versions 10 et 11

References

Title

Publication Time

GHSA-3RMV-2PG5-XVQJ

Vulnerability from github – Published: 2018-10-17 20:28 – Updated: 2025-01-31 19:35

Summary

Spring Framework has Improperly Implemented Security Check for Standard

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework:spring-messaging"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.3.16.RELEASE"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework:spring-messaging"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0.RELEASE"
            },
            {
              "fixed": "5.0.5.RELEASE"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-1275"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-358",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T20:56:14Z",
    "nvd_published_at": "2018-04-11T13:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.",
  "id": "GHSA-3rmv-2pg5-xvqj",
  "modified": "2025-01-31T19:35:35Z",
  "published": "2018-10-17T20:28:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1275"
    },
    {
      "type": "WEB",
      "url": "https://github.com/spring-projects/spring-framework/commit/0009806debb578e884f6dc98bd1f2dc668020021"
    },
    {
      "type": "WEB",
      "url": "https://github.com/spring-projects/spring-framework/commit/e0de9126ed8cf25cf141d3e66420da94e350708a"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1320"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2939"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/spring-projects/spring-framework"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://pivotal.io/security/cve-2018-1275"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20190901081835/http://www.securitytracker.com/id/1041301"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200227033125/http://www.securityfocus.com/bid/103771"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Spring Framework has Improperly Implemented Security Check for Standard"
}

GSD-2018-1275

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-1275

Aliases

CVE-2018-1275

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-1275",
    "description": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.",
    "id": "GSD-2018-1275",
    "references": [
      "https://access.redhat.com/errata/RHSA-2018:2939",
      "https://access.redhat.com/errata/RHSA-2018:1320"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-1275"
      ],
      "details": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.",
      "id": "GSD-2018-1275",
      "modified": "2023-12-13T01:22:37.326097Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "DATE_PUBLIC": "2018-04-09T00:00:00",
        "ID": "CVE-2018-1275",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Spring Framework",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Versions prior to 5.0.5 and 4.3.16"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Spring by Pivotal"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-94 - Code Injection"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1041301",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041301"
          },
          {
            "name": "RHSA-2018:2939",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2939"
          },
          {
            "name": "RHSA-2018:1320",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:1320"
          },
          {
            "name": "103771",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/103771"
          },
          {
            "name": "[activemq-issues] 20190703 [jira] [Created] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework)",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E"
          },
          {
            "name": "[activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E"
          },
          {
            "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
            "refsource": "CONFIRM",
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
          },
          {
            "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
          },
          {
            "name": "https://pivotal.io/security/cve-2018-1275",
            "refsource": "CONFIRM",
            "url": "https://pivotal.io/security/cve-2018-1275"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[4.3.0.RELEASE,4.3.16.RELEASE),[5.0.RELEASE,5.0.5.RELEASE)",
          "affected_versions": "All versions starting from 4.3.0.RELEASE before 4.3.16.RELEASE, all versions starting from 5.0.RELEASE before 5.0.5.RELEASE",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-358",
            "CWE-937"
          ],
          "date": "2019-07-03",
          "description": "Spring Framework allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.",
          "fixed_versions": [
            "4.3.16.RELEASE",
            "5.0.5.RELEASE"
          ],
          "identifier": "CVE-2018-1275",
          "identifiers": [
            "CVE-2018-1275"
          ],
          "not_impacted": "All versions before 4.3.0.RELEASE, all versions starting from 4.3.16.RELEASE before 5.0.RELEASE, all versions starting from 5.0.5.RELEASE",
          "package_slug": "maven/org.springframework.data/spring-data-commons",
          "pubdate": "2018-04-11",
          "solution": "Upgrade to versions 4.3.16.RELEASE, 5.0.5.RELEASE or above.",
          "title": "Improperly Implemented Security Check for Standard",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-1275",
            "http://www.securityfocus.com/bid/103771",
            "http://www.securitytracker.com/id/1041301",
            "https://pivotal.io/security/cve-2018-1275"
          ],
          "uuid": "40b2c0b5-c860-4324-94d8-716bad9e2f94"
        },
        {
          "affected_range": "(,4.3.16),[5.0.0,5.0.5)",
          "affected_versions": "All versions before 4.3.16, all versions starting from 5.0.0 before 5.0.5",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-78",
            "CWE-937",
            "CWE-94"
          ],
          "date": "2021-10-21",
          "description": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.",
          "fixed_versions": [
            "4.3.16",
            "5.0.5"
          ],
          "identifier": "CVE-2018-1275",
          "identifiers": [
            "GHSA-3rmv-2pg5-xvqj",
            "CVE-2018-1275"
          ],
          "not_impacted": "All versions starting from 4.3.16 before 5.0.0, all versions starting from 5.0.5",
          "package_slug": "maven/org.springframework/spring-core",
          "pubdate": "2018-10-17",
          "solution": "Upgrade to versions 4.3.16, 5.0.5 or above.",
          "title": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-1275",
            "https://access.redhat.com/errata/RHSA-2018:1320",
            "https://access.redhat.com/errata/RHSA-2018:2939",
            "https://github.com/advisories/GHSA-3rmv-2pg5-xvqj",
            "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E",
            "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E",
            "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E",
            "https://pivotal.io/security/cve-2018-1275",
            "https://www.oracle.com/security-alerts/cpujul2020.html",
            "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
            "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
            "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
            "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
            "http://www.securityfocus.com/bid/103771",
            "http://www.securitytracker.com/id/1041301",
            "https://www.oracle.com/security-alerts/cpuoct2021.html"
          ],
          "uuid": "fbb9e95a-6b37-44ae-8bb1-9a087e4bb673"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.0.5",
                "versionStartIncluding": "5.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.3.16",
                "versionStartIncluding": "4.3.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.2.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_master_person_index:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.0.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:service_architecture_leveraging_tuxedo:12.1.3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:service_architecture_leveraging_tuxedo:12.2.2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.1.0.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:healthcare_master_person_index:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate_for_big_data:12.2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate_for_big_data:12.3.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:big_data_discovery:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:goldengate_for_big_data:12.3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "ID": "CVE-2018-1275"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://pivotal.io/security/cve-2018-1275",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://pivotal.io/security/cve-2018-1275"
            },
            {
              "name": "103771",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/103771"
            },
            {
              "name": "RHSA-2018:1320",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:1320"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
              "name": "1041301",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1041301"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
            },
            {
              "name": "RHSA-2018:2939",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2939"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
            },
            {
              "name": "[activemq-issues] 20190703 [jira] [Created] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework)",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E"
            },
            {
              "name": "[activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E"
            },
            {
              "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-06-23T16:35Z",
      "publishedDate": "2018-04-11T13:29Z"
    }
  }
}

FKIE_CVE-2018-1275

Vulnerability from fkie_nvd - Published: 2018-04-11 13:29 - Updated: 2024-11-21 03:59

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security_alert@emc.com	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	Patch, Third Party Advisory
security_alert@emc.com	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	Patch, Third Party Advisory
security_alert@emc.com	http://www.securityfocus.com/bid/103771	Third Party Advisory, VDB Entry
security_alert@emc.com	http://www.securitytracker.com/id/1041301	Third Party Advisory, VDB Entry
security_alert@emc.com	https://access.redhat.com/errata/RHSA-2018:1320	Third Party Advisory
security_alert@emc.com	https://access.redhat.com/errata/RHSA-2018:2939	Third Party Advisory
security_alert@emc.com	https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E
security_alert@emc.com	https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E
security_alert@emc.com	https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E
security_alert@emc.com	https://pivotal.io/security/cve-2018-1275	Vendor Advisory
security_alert@emc.com	https://www.oracle.com/security-alerts/cpujul2020.html	Third Party Advisory
security_alert@emc.com	https://www.oracle.com/security-alerts/cpuoct2021.html	Third Party Advisory
security_alert@emc.com	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	Patch, Third Party Advisory
security_alert@emc.com	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103771	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041301	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1320	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2939	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://pivotal.io/security/cve-2018-1275	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujul2020.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuoct2021.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
vmware	spring_framework	*
vmware	spring_framework	*
oracle	application_testing_suite	12.5.0.3
oracle	application_testing_suite	13.1.0.1
oracle	application_testing_suite	13.2.0.1
oracle	application_testing_suite	13.3.0.1
oracle	big_data_discovery	1.6.0
oracle	communications_converged_application_server	*
oracle	communications_diameter_signaling_router	*
oracle	communications_performance_intelligence_center	*
oracle	communications_services_gatekeeper	*
oracle	goldengate_for_big_data	12.2.0.1
oracle	goldengate_for_big_data	12.3.1.1
oracle	goldengate_for_big_data	12.3.2.1
oracle	health_sciences_information_manager	3.0
oracle	healthcare_master_person_index	3.0
oracle	healthcare_master_person_index	4.0
oracle	insurance_calculation_engine	10.1.1
oracle	insurance_calculation_engine	10.2
oracle	insurance_calculation_engine	10.2.1
oracle	insurance_rules_palette	10.0
oracle	insurance_rules_palette	10.1
oracle	insurance_rules_palette	10.2
oracle	insurance_rules_palette	11.0
oracle	insurance_rules_palette	11.1
oracle	primavera_gateway	15.2
oracle	primavera_gateway	16.2
oracle	primavera_gateway	17.12
oracle	retail_customer_insights	15.0
oracle	retail_customer_insights	16.0
oracle	retail_open_commerce_platform	5.3.0
oracle	retail_open_commerce_platform	6.0.0
oracle	retail_open_commerce_platform	6.0.1
oracle	retail_order_broker	5.1
oracle	retail_order_broker	5.2
oracle	retail_order_broker	15.0
oracle	retail_order_broker	16.0
oracle	retail_predictive_application_server	14.0
oracle	retail_predictive_application_server	14.1
oracle	retail_predictive_application_server	15.0
oracle	retail_predictive_application_server	16.0
oracle	service_architecture_leveraging_tuxedo	12.1.3.0.0
oracle	service_architecture_leveraging_tuxedo	12.2.2.0.0
oracle	tape_library_acsls	8.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C1A62A-E019-4649-AB74-DB249D1B03EF",
              "versionEndExcluding": "4.3.16",
              "versionStartIncluding": "4.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D2CC334-AFF8-41D4-9FBD-88C8FF9DA406",
              "versionEndExcluding": "5.0.5",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "17EA8B91-7634-4636-B647-1049BA7CA088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4DF46F-DBCC-41F2-A260-F83A14838F23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "10F17843-32EA-4C31-B65C-F424447BEF7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:big_data_discovery:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "00280604-1DC1-4974-BF73-216C5D76FFA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC361999-AAD8-4CB3-B00E-E3990C3529B4",
              "versionEndExcluding": "7.0.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5A0F0D-313D-4F5C-AD6D-8C118D5CD8D8",
              "versionEndExcluding": "8.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "468931C8-C76A-4E47-BF00-185D85F719C5",
              "versionEndExcluding": "10.2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C1FA4C-5163-420C-A01A-EA36F1039BBB",
              "versionEndExcluding": "6.1.0.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:goldengate_for_big_data:12.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C4A89F2-713D-4A36-9D28-22748D30E0FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:goldengate_for_big_data:12.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDFABB2C-2FA2-4F83-985B-7FCEAF274418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:goldengate_for_big_data:12.3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A609003-8687-40B4-8AC3-06A1534ADE30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9027528A-4FE7-4E3C-B2DF-CCCED22128F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A699D02-296B-411E-9658-5893240605D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7036576C-2B1F-413D-B154-2DBF9BFDE7E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE4B2F0-1AAB-4A1F-AE86-A568D43891B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "641D134E-6C51-4DB8-8554-F6B5222EF479",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C79B50C2-27C2-4A9C-ACEE-B70015283F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6321F8-7A0A-4DB8-9889-3527023C652A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25F8E604-8180-4728-AD2D-7FF034E3E65A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02867DC7-E669-43C0-ACC4-E1CAA8B9994C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBAFA631-C92B-4FF7-8E65-07C67789EBCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9652104A-119D-4327-A937-8BED23C23861",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CBFA960-D242-43ED-8D4C-A60F01B70740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0513B305-97EF-4609-A82E-D0CDFF9925BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A7F6E0-A4A4-4FC3-90CB-156933CB3B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD4AB77A-E829-4603-AF6A-97B9CD0D687F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE15D64-6F49-4F43-8079-0C7827384C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07630491-0624-4C5C-A858-C5D3CDCD1B68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC9CA11F-F718-43E5-ADB9-6C348C75E37A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FBAAD32-1E9D-47F1-9F47-76FEA47EF54F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA4DF85-9225-4422-BF10-D7DAE7DCE007",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C2A2A4-285B-40A1-B9AD-42219D742DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8CF045-09BB-4069-BCEC-496D5AE3B780",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E74E68-7F19-4EF3-AC00-3C249EAAA39E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD3C8E59-B07D-4C5E-B467-2FA6C1DFDA5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6DA82ED-20FF-4E6D-ACA0-C65F51F4F5C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FFEA075-11EB-4E99-92A1-8B2883C64CC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "21973CDD-D16E-4321-9F8E-67F4264D7C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:service_architecture_leveraging_tuxedo:12.1.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "909A7F73-0164-471B-8EBD-1F70072E9809",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:service_architecture_leveraging_tuxedo:12.2.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CE08DC9-5153-48D6-B23C-68A632FF8FF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "70D4467D-6968-4557-AF61-AFD42B2B48D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework."
    },
    {
      "lang": "es",
      "value": "Spring Framework, en versiones anteriores a las comprendidas entre la 5.0 y la 5.0.5, versiones 4.3 anteriores a la 4.3.16 y versiones antiguas no soportadas, permite que las aplicaciones expongan STOMP sobre los endpoints WebSocket con un simple broker STOP dentro de la memoria a trav\u00e9s del m\u00f3dulo spring-messaging. Un usuario (o atacante) malicioso puede crear un mensaje para el broker que puede conducir a un ataque de ejecuci\u00f3n remota de c\u00f3digo. Este CVE hace referencia a una soluci\u00f3n parcial de CVE-2018-1270 en la rama 4.3.x de Spring Framework."
    }
  ],
  "id": "CVE-2018-1275",
  "lastModified": "2024-11-21T03:59:31.333",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-11T13:29:00.353",
  "references": [
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103771"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041301"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1320"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2939"
    },
    {
      "source": "security_alert@emc.com",
      "url": "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "security_alert@emc.com",
      "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "security_alert@emc.com",
      "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://pivotal.io/security/cve-2018-1275"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041301"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://pivotal.io/security/cve-2018-1275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "security_alert@emc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-358"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

CNVD-2018-07568

Vulnerability from cnvd - Published: 2018-04-12

Title

Spring Framework Spring-messaging远程代码执行漏洞

Description

Spring Framework是美国Pivotal Software公司的一套开源的Java、Java EE应用程序框架。该框架可帮助开发人员构建高质量的应用。 Spring Framework Spring-messaging存在远程代码执行漏洞。攻击者可以利用漏洞进行远程代码执行攻击。（注：此漏洞是Spring-messaging远程代码执行漏洞（CVE-2018-1270）修复时的遗留问题，(CVE-2018-1270)涉及到Spring框架的5.0.x版本和4.3.x版本。但由于对4.3.x版本修复不完全。）

Severity

高

Patch Name

Spring Framework Spring-messaging远程代码执行漏洞的补丁

Patch Description

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://pivotal.io/security/cve-2018-1275

Reference

https://pivotal.io/security/cve-2018-1275 https://www.anquanke.com/post/id/104401

Impacted products

Name
['Pivotal Software Spring Framework >=5.0，<=5.0.4', 'Pivotal Software Spring Framework >=4.3，<=4.3.15']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1275"
    }
  },
  "description": "Spring Framework\u662f\u7f8e\u56fdPivotal Software\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684Java\u3001Java EE\u5e94\u7528\u7a0b\u5e8f\u6846\u67b6\u3002\u8be5\u6846\u67b6\u53ef\u5e2e\u52a9\u5f00\u53d1\u4eba\u5458\u6784\u5efa\u9ad8\u8d28\u91cf\u7684\u5e94\u7528\u3002\r\n\r\nSpring Framework Spring-messaging\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u653b\u51fb\u3002\uff08\u6ce8\uff1a\u6b64\u6f0f\u6d1e\u662fSpring-messaging\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CVE-2018-1270\uff09\u4fee\u590d\u65f6\u7684\u9057\u7559\u95ee\u9898\uff0c(CVE-2018-1270)\u6d89\u53ca\u5230Spring\u6846\u67b6\u76845.0.x\u7248\u672c\u548c4.3.x\u7248\u672c\u3002\u4f46\u7531\u4e8e\u5bf94.3.x\u7248\u672c\u4fee\u590d\u4e0d\u5b8c\u5168\u3002\uff09",
  "discovererName": "rwx, Christoph Dreis, and Changfeng Chi",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://pivotal.io/security/cve-2018-1275",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-07568",
  "openTime": "2018-04-12",
  "patchDescription": "Spring Framework\u662f\u7f8e\u56fdPivotal Software\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u7684Java\u3001Java EE\u5e94\u7528\u7a0b\u5e8f\u6846\u67b6\u3002\u8be5\u6846\u67b6\u53ef\u5e2e\u52a9\u5f00\u53d1\u4eba\u5458\u6784\u5efa\u9ad8\u8d28\u91cf\u7684\u5e94\u7528\u3002\r\n\r\nSpring Framework Spring-messaging\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u653b\u51fb\u3002\uff08\u6ce8\uff1a\u6b64\u6f0f\u6d1e\u662fSpring-messaging\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CVE-2018-1270\uff09\u4fee\u590d\u65f6\u7684\u9057\u7559\u95ee\u9898\uff0c(CVE-2018-1270)\u6d89\u53ca\u5230Spring\u6846\u67b6\u76845.0.x\u7248\u672c\u548c4.3.x\u7248\u672c\u3002\u4f46\u7531\u4e8e\u5bf94.3.x\u7248\u672c\u4fee\u590d\u4e0d\u5b8c\u5168\u3002\uff09\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Spring Framework Spring-messaging\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Pivotal Software Spring Framework \u003e=5.0\uff0c\u003c=5.0.4",
      "Pivotal Software Spring Framework \u003e=4.3\uff0c\u003c=4.3.15"
    ]
  },
  "referenceLink": "https://pivotal.io/security/cve-2018-1275\r\nhttps://www.anquanke.com/post/id/104401",
  "serverity": "\u9ad8",
  "submitTime": "2018-04-12",
  "title": "Spring Framework Spring-messaging\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-1275 (GCVE-0-2018-1275)

CERTFR-2019-AVI-023

Solution

GHSA-3RMV-2PG5-XVQJ

GSD-2018-1275

FKIE_CVE-2018-1275

CNVD-2018-07568

Tags

Sightings

Nomenclature