CVE-2018-1257

Spring Framework versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that leads to a regular expression denial of service (ReDoS) attack.
CVSS 3.x base score

Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | NIST | 6.5 MEDIUM | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
dell | CNA | --- | ---
CVE | ADP | --- | ---

EPSS Score: Percentile 72%
Vendor | Product | Version
vmware | spring_framework | x < 4.3.17
vmware | spring_framework | 5.0.0 ≤ x < 5.0.6
redhat | openshift | -
oracle | agile_product_lifecycle_management | 9.3.3, 9.3.4, 9.3.5, 9.3.6
oracle | application_testing_suite | 12.5.0.3, 13.1.0.1, 13.2.0.1, 13.3.0.1
oracle | big_data_discovery | 1.6.0
oracle | communications_converged_application_server | x < 7.0.0.1
oracle | communications_diameter_signaling_router | x < 8.3
oracle | communications_performance_intelligence_center | x < 10.2.1
oracle | communications_services_gatekeeper | x < 6.1.0.4.0
oracle | communications_unified_inventory_management | 7.3.2, 7.3.4, 7.3.5, 7.4.0
oracle | endeca_information_discovery_integrator | 3.1.0, 3.2.0
oracle | enterprise_manager_base_platform | 12.1.0.5.0, 13.2.0.0.0, 13.3.0.0.0
oracle | enterprise_manager_for_mysql_database | 13.2
oracle | enterprise_manager_ops_center | 12.3.3
oracle | flexcube_private_banking | 2.0.0.0, 2.2.0.1, 12.0.1.0, 12.0.3.0, 12.1.0.0
oracle | goldengate_for_big_data | 12.2.0.1, 12.3.1.1, 12.3.2.1
oracle | health_sciences_information_manager | 3.0
oracle | healthcare_master_person_index | 3.0, 4.0
oracle | hospitality_guest_access | 4.2.0, 4.2.1
oracle | insurance_calculation_engine | 10.1.1, 10.2, 10.2.1
oracle | insurance_rules_palette | 10.0, 10.1, 10.2, 11.0, 11.1
oracle | primavera_gateway | 15.2, 16.2, 17.12
oracle | retail_customer_insights | 15.0, 16.0
oracle | retail_open_commerce_platform | 5.3.0, 6.0.0, 6.0.1
oracle | retail_order_broker | 5.1, 5.2, 15.0, 16.0
oracle | retail_predictive_application_server | 14.0, 14.1, 15.0, 16.0
oracle | service_architecture_leveraging_tuxedo | 12.1.3.0.0, 12.2.2.0.0
oracle | tape_library_acsls | 8.4
oracle | utilities_network_management_system | 1.12.0.3
oracle | weblogic_server | 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0

x = vulnerable software versions
Debian Releases (product: libspring-java)

Codename | Version | Status
bullseye | 4.3.30-1 | fixed
stretch | - | ignored
jessie | - | not-affected
sid | 4.3.30-2 | fixed
trixie | 4.3.30-2 | fixed
bookworm | 4.3.30-2 | fixed
Ubuntu Releases (product: libspring-java)

Codename | Status
noble | not-affected
mantic | not-affected
lunar | not-affected
kinetic | not-affected
jammy | not-affected
impish | not-affected
hirsute | not-affected
groovy | not-affected
focal | not-affected
eoan | not-affected
disco | not-affected
cosmic | not-affected
bionic | not-affected
artful | ignored
xenial | needed
trusty | needed