CVE-2018-11039: Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP…

medium5.9CVSS 3.1

AVNACHPRNUINSUCHINAN

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack.

Affected

67 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	libspring-java	< libspring-java 4.3.19-1 (bookworm)	libspring-java 4.3.19-1 (bookworm)
oracle	agile_plm	—	—
oracle	agile_plm	—	—
oracle	agile_plm	—	—
oracle	agile_plm	—	—
oracle	application_testing_suite	—	—
oracle	application_testing_suite	—	—
oracle	application_testing_suite	—	—
oracle	application_testing_suite	—	—
oracle	communications_diameter_signaling_router	< 8.3	8.3
oracle	communications_network_integrity	7.3.2 – 7.3.6	—
oracle	communications_online_mediation_controller	—	—
oracle	communications_performance_intelligence_center	< 10.2.1	10.2.1
oracle	communications_services_gatekeeper	< 6.1.0.4.0	6.1.0.4.0
oracle	communications_unified_inventory_management	—	—
oracle	communications_unified_inventory_management	—	—
oracle	communications_unified_inventory_management	—	—
oracle	communications_unified_inventory_management	—	—
oracle	endeca_information_discovery_integrator	—	—
oracle	endeca_information_discovery_integrator	—	—
oracle	enterprise_manager_base_platform	—	—
oracle	enterprise_manager_base_platform	—	—
oracle	enterprise_manager_base_platform	—	—
oracle	enterprise_manager_for_mysql_database	—	—

CVSS provenance

nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

osv5.9MEDIUM