CVE-2018-1270

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2018-1270
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch Third Party Advisory
http://www.securityfocus.com/bid/103696 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:2939 Third Party Advisory
https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html Mailing List Third Party Advisory
https://pivotal.io/security/cve-2018-1270 Vendor Advisory
https://www.exploit-db.com/exploits/44796/ Broken Link Third Party Advisory VDB Entry
https://www.oracle.com/security-alerts/cpujul2020.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:big_data_discovery:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:goldengate_for_big_data:12.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:goldengate_for_big_data:12.3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:goldengate_for_big_data:12.3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:health_sciences_information_manager:3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_master_person_index:3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:healthcare_master_person_index:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_calculation_engine:10.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:14.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:14.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:14.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:14.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:14.1.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:15.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:15.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:15.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:16.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_integration_bus:16.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_point-of-sale:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_point-of-sale:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_predictive_application_server:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_predictive_application_server:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_predictive_application_server:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_predictive_application_server:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:service_architecture_leveraging_tuxedo:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:service_architecture_leveraging_tuxedo:12.2.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:redhat:fuse:1.0.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
History

07 Nov 2023, 02:55

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E', 'name': '[activemq-issues] 20190826 [jira] [Created] (AMQ-7288) Security Vulnerabilities in ActiveMQ dependent libraries.', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E', 'name': '[activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E', 'name': '[activemq-issues] 20190703 [jira] [Created] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E', 'name': '[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E', 'name': '[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E -
  • () https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E -
  • () https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E -
  • () https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E -
  • () https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E -
Information

Published : 2018-04-06 13:29

Updated : 2024-02-28 16:25

NVD link : CVE-2018-1270

Mitre link : CVE-2018-1270

CVE.ORG link : CVE-2018-1270

JSON object : View

Products Affected

oracle

  • communications_converged_application_server
  • insurance_calculation_engine
  • goldengate_for_big_data
  • tape_library_acsls
  • retail_order_broker
  • retail_returns_management
  • health_sciences_information_manager
  • retail_xstore_point_of_service
  • retail_back_office
  • communications_services_gatekeeper
  • retail_open_commerce_platform
  • service_architecture_leveraging_tuxedo
  • application_testing_suite
  • retail_predictive_application_server
  • retail_integration_bus
  • retail_point-of-sale
  • healthcare_master_person_index
  • enterprise_manager_ops_center
  • retail_central_office
  • insurance_rules_palette
  • primavera_gateway
  • big_data_discovery
  • communications_performance_intelligence_center
  • retail_customer_insights
  • communications_diameter_signaling_router

vmware

  • spring_framework

debian

  • debian_linux

redhat

  • fuse
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-358

Improperly Implemented Security Check for Standard


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024