CVE-2018-1257

CWE-200 — Information Exposure11 documents8 sources

Severity

6.5MEDIUM

EPSS

1.2%

top 21.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Communications Converged Application Server Oracle Communications Diameter Signaling Router Oracle Communications Performance Intelligence Center +27 more

Timeline

PublishedMay 11

Latest updateAug 14

Description

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression, denial of service attack.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages32 packages

▶NVDvmware/spring_framework5.0.0 — 5.0.6+1

▶Mavenorg.springframework:spring-core5.0.0 — 5.0.6+1

▶CVEListV5pivotal/spring_framework5.0.x prior to 5.0.6; 4.3.x prior to 4.3.17

▶Debianlibspring-java< 4.3.19-1+3

▶NVDoracle/retail_order_broker4 versions+3

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

OSV

Denial of Service in org.springframework:spring-core↗2018-10-17

▶

GHSA

Denial of Service in org.springframework:spring-core↗2018-10-17

▶

CVEList

CVE-2018-1257: Spring Framework, versions 5↗2018-05-11

▶

OSV

CVE-2018-1257: Spring Framework, versions 5↗2018-05-11

▶

💥Exploits & PoCs

Exploit-DB

ABC2MTEX 1.6.1 - Command Line Stack Overflow↗2019-08-14

▶

📋Vendor Advisories

Red Hat

spring-framework: ReDoS Attack with spring-messaging↗2018-05-09

▶

Debian

CVE-2018-1257: libspring-java - Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17,...↗2018

▶

💬Community

Bugzilla

CVE-2018-11125 rapidjson: Heap-based buffer over-read in the Peek function in stream.h↗2018-05-17

▶

Bugzilla

CVE-2018-1257 springframework: spring-framework: ReDoS Attack with spring-messaging [fedora-all]↗2018-05-15

▶

Bugzilla

CVE-2018-1257 spring-framework: ReDoS Attack with spring-messaging↗2018-05-15

▶