Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-1271

CWE-22 — Path Traversal9 documents9 sources

Severity

5.9MEDIUM

EPSS

90.6%

top 0.38%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle Communications Converged Application Server Oracle Communications Diameter Signaling Router Oracle Communications Performance Intelligence Center +26 more

Timeline

PublishedApr 6

Latest updateOct 6

Description

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages30 packages

▶NVDvmware/spring_framework4.3.0 — 4.3.15+1

▶Mavenorg.springframework:spring-core5.0.0 — 5.0.5+1

▶CVEListV5spring_by_pivotal/spring_frameworkVersions prior to 5.0.5 and 4.3.15

▶NVDoracle/communications_converged_application_server< 7.0.0.1

▶NVDoracle/retail_predictive_application_server4 versions+3

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

Path Traversal in org.springframework:spring-core↗2018-10-17

▶

OSV

Path Traversal in org.springframework:spring-core↗2018-10-17

▶

CVEList

CVE-2018-1271: Spring Framework, versions 5↗2018-04-06

▶

💥Exploits & PoCs

Nuclei

Spring MVC Framework - Local File Inclusion

▶

📋Vendor Advisories

Red Hat

spring-framework: Directory traversal vulnerability with static resources on Windows filesystems↗2018-04-05

▶

Debian

CVE-2018-1271: libspring-java - Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 a...↗2018

▶

💬Community

HackerOne

Path Traversal issue at https://████/blaze/↗2022-10-06

▶

Bugzilla

CVE-2018-1271 spring-framework: Directory traversal vulnerability with static resources on Windows filesystems↗2018-04-24

▶