CVE-2018-25007

Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message.

CVSS v3 2.6 LOW
CVSS v2.0 4.0 MEDIUM

2.6^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/vaadin/flow/pull/4774	Patch Third Party Advisory
https://vaadin.com/security/cve-2018-25007	Vendor Advisory
https://github.com/vaadin/flow/pull/4774	Patch Third Party Advisory
https://vaadin.com/security/cve-2018-25007	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vaadin:flow::::::::
	cpe:2.3:a:vaadin:vaadin::::::::
	cpe:2.3:a:vaadin:vaadin::::::::

History

21 Nov 2024, 04:03

Type	Values Removed	Values Added
CVSS	v2 : ~~4.0~~ v3 : ~~4.3~~	v2 : 4.0 v3 : 2.6
References	~~() https://github.com/vaadin/flow/pull/4774 - Patch, Third Party Advisory~~	() https://github.com/vaadin/flow/pull/4774 - Patch, Third Party Advisory
References	~~() https://vaadin.com/security/cve-2018-25007 - Vendor Advisory~~	() https://vaadin.com/security/cve-2018-25007 - Vendor Advisory

Information

Published : 2021-04-23 16:15

Updated : 2024-11-21 04:03

NVD link : CVE-2018-25007

Mitre link : CVE-2018-25007

CVE.ORG link : CVE-2018-25007

JSON object : View

Products Affected

vaadin

vaadin
flow

CWE

CWE-754

Improper Check for Unusual or Exceptional Conditions

{"id": "CVE-2018-25007", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "security@vaadin.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.6, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2021-04-23T16:15:07.933", "references": [{"url": "https://github.com/vaadin/flow/pull/4774", "tags": ["Patch", "Third Party Advisory"], "source": "security@vaadin.com"}, {"url": "https://vaadin.com/security/cve-2018-25007", "tags": ["Vendor Advisory"], "source": "security@vaadin.com"}, {"url": "https://github.com/vaadin/flow/pull/4774", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://vaadin.com/security/cve-2018-25007", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@vaadin.com", "description": [{"lang": "en", "value": "CWE-754"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-754"}]}], "descriptions": [{"lang": "en", "value": "Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message."}, {"lang": "es", "value": "Una falta de comprobaci\u00f3n en el controlador de peticiones UIDL en com.vaadin:flow-server versiones 1.0.0 hasta 1.0.5 (Vaadin versiones 10.0.0 hasta 10.0.7 y versiones 11.0.0 hasta 11.0.2), permiten al atacante actualizar los valores de propiedad del elemento por medio de mensaje de sincronizaci\u00f3n"}], "lastModified": "2024-11-21T04:03:20.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vaadin:flow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BE0CFD8-425E-4422-A110-3E9C366A01CD", "versionEndExcluding": "1.0.6", "versionStartIncluding": "1.0.0"}, {"criteria": "cpe:2.3:a:vaadin:vaadin:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B3539F7-683C-4C28-907E-8F9D4142CD0D", "versionEndExcluding": "10.0.8", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:vaadin:vaadin:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0D9C6DC-5386-4D8A-AF43-0AD496F11B85", "versionEndExcluding": "11.0.3", "versionStartIncluding": "11.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@vaadin.com"}