Vulnerability Name: CVE-2018-1257 (CCN-143316) Assigned: 2017-12-06 Published: 2018-05-09 Updated: 2022-06-23 Summary: Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression, denial of service attack. CVSS v3 Severity: 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
CVSS v2 Severity: 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
Vulnerability Type: CWE-noinfo Vulnerability Consequences: Denial of Service References: Source: MITRECVE-2018-1257 http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html 104260 Spring Framework CVE-2018-1257 Denial-Of-Service Vulnerability RHSA-2018:1809 RHSA-2018:3768 pivotal-cve20181257-dos(143316) CVE-2018-1257: ReDoS Attack with spring-messaging https://pivotal.io/security/cve-2018-1257 Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE) IBM Sterling B2B Integrator vulnerable to multiple vulnerabilities due to Spring Framework IBM Cognos Controller has addressed multiple vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Vulnerable Configuration: Configuration 1 :cpe:/a:vmware:spring_framework:*:*:*:*:*:*:*:* (Version < 4.3.17)OR cpe:/a:vmware:spring_framework:*:*:*:*:*:*:*:* (Version >= 5.0.0 and < 5.0.6) Configuration 2 :cpe:/a:redhat:openshift:-:*:*:*:*:*:*:* Configuration 3 :cpe:/a:oracle:flexcube_private_banking:2.2.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:* OR cpe:/a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:* OR cpe:/a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:* OR cpe:/a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:* OR cpe:/a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:* (Version < 8.3) OR cpe:/a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:* (Version < 10.2.1) OR cpe:/a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:* (Version < 6.1.0.4.0) OR cpe:/a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:* OR cpe:/a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:* OR cpe:/a:oracle:health_sciences_information_manager:3.0:*:*:*:*:*:*:* OR cpe:/a:oracle:healthcare_master_person_index:3.0:*:*:*:*:*:*:* OR cpe:/a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:* OR cpe:/a:oracle:healthcare_master_person_index:4.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:* OR cpe:/a:oracle:insurance_calculation_engine:10.2:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* (Version < 7.0.0.1) OR cpe:/a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:* OR cpe:/a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_predictive_application_server:14.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_predictive_application_server:14.1:*:*:*:*:*:*:* OR cpe:/a:oracle:utilities_network_management_system:1.12.0.3:*:*:*:*:*:*:* OR cpe:/a:oracle:agile_product_lifecycle_management:9.3.3:*:*:*:*:*:*:* OR cpe:/a:oracle:agile_product_lifecycle_management:9.3.4:*:*:*:*:*:*:* OR cpe:/a:oracle:agile_product_lifecycle_management:9.3.5:*:*:*:*:*:*:* OR cpe:/a:oracle:agile_product_lifecycle_management:9.3.6:*:*:*:*:*:*:* OR cpe:/a:oracle:goldengate_for_big_data:12.3.1.1:*:*:*:*:*:*:* OR cpe:/a:oracle:goldengate_for_big_data:12.3.2.1:*:*:*:*:*:*:* OR cpe:/a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:* OR cpe:/a:oracle:goldengate_for_big_data:12.2.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_predictive_application_server:15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:service_architecture_leveraging_tuxedo:12.1.3.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:* OR cpe:/a:oracle:big_data_discovery:1.6.0:*:*:*:*:*:*:* OR cpe:/a:oracle:enterprise_manager_for_mysql_database:13.2:*:*:*:*:*:*:* OR cpe:/a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:* OR cpe:/a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:* OR cpe:/a:oracle:retail_predictive_application_server:16.0:*:*:*:*:*:*:* OR cpe:/a:oracle:service_architecture_leveraging_tuxedo:12.2.2.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:flexcube_private_banking:2.0.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:flexcube_private_banking:12.0.1.0:*:*:*:*:*:*:* OR cpe:/a:oracle:flexcube_private_banking:12.0.3.0:*:*:*:*:*:*:* OR cpe:/a:oracle:flexcube_private_banking:12.1.0.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_unified_inventory_management:7.3.2:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:pivotal:spring_framework:4.3.0:*:*:*:*:*:*:* OR cpe:/a:pivotal:spring_framework:5.0.0:*:*:*:*:*:*:* OR cpe:/a:pivotal:spring_framework:5.0.5:*:*:*:*:*:*:* OR cpe:/a:pivotal:spring_framework:4.3.16:*:*:*:*:*:*:* AND cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_controller:10.4.0:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_controller:10.4.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_controller:10.4.2:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.0.3.5:*:*:*:standard:*:*:* Oval Definitions BACK
vmware spring framework *
vmware spring framework *
redhat openshift -
oracle flexcube private banking 2.2.0.1
oracle weblogic server 12.1.3.0.0
oracle primavera gateway 16.2
oracle primavera gateway 15.2
oracle application testing suite 12.5.0.3
oracle hospitality guest access 4.2.0
oracle hospitality guest access 4.2.1
oracle weblogic server 10.3.6.0.0
oracle weblogic server 12.2.1.3.0
oracle enterprise manager ops center 12.3.3
oracle communications diameter signaling router *
oracle communications performance intelligence center *
oracle communications services gatekeeper *
oracle insurance rules palette 10.0
oracle insurance rules palette 10.2
oracle health sciences information manager 3.0
oracle healthcare master person index 3.0
oracle application testing suite 13.1.0.1
oracle application testing suite 13.3.0.1
oracle endeca information discovery integrator 3.2.0
oracle healthcare master person index 4.0
oracle retail open commerce platform 6.0.1
oracle application testing suite 13.2.0.1
oracle endeca information discovery integrator 3.1.0
oracle retail customer insights 15.0
oracle retail customer insights 16.0
oracle insurance calculation engine 10.2
oracle enterprise manager base platform 12.1.0.5.0
oracle enterprise manager base platform 13.2.0.0.0
oracle enterprise manager base platform 13.3.0.0.0
oracle communications converged application server *
oracle insurance calculation engine 10.2.1
oracle insurance rules palette 10.1
oracle retail order broker 15.0
oracle retail order broker 16.0
oracle retail predictive application server 14.0
oracle retail predictive application server 14.1
oracle utilities network management system 1.12.0.3
oracle agile product lifecycle management 9.3.3
oracle agile product lifecycle management 9.3.4
oracle agile product lifecycle management 9.3.5
oracle agile product lifecycle management 9.3.6
oracle goldengate for big data 12.3.1.1
oracle goldengate for big data 12.3.2.1
oracle primavera gateway 17.12
oracle retail open commerce platform 5.3.0
oracle goldengate for big data 12.2.0.1
oracle insurance rules palette 11.0
oracle retail order broker 5.2
oracle retail predictive application server 15.0
oracle service architecture leveraging tuxedo 12.1.3.0.0
oracle tape library acsls 8.4
oracle big data discovery 1.6.0
oracle enterprise manager for mysql database 13.2
oracle insurance calculation engine 10.1.1
oracle insurance rules palette 11.1
oracle retail open commerce platform 6.0.0
oracle retail order broker 5.1
oracle retail predictive application server 16.0
oracle service architecture leveraging tuxedo 12.2.2.0.0
oracle flexcube private banking 2.0.0.0
oracle flexcube private banking 12.0.1.0
oracle flexcube private banking 12.0.3.0
oracle flexcube private banking 12.1.0.0
oracle communications unified inventory management 7.3.2
oracle communications unified inventory management 7.3.5
oracle communications unified inventory management 7.3.4
oracle communications unified inventory management 7.4.0
pivotal spring framework 4.3.0
pivotal spring framework 5.0.0
pivotal spring framework 5.0.5
pivotal spring framework 4.3.16
ibm sterling b2b integrator 6.0.0.0
ibm cognos controller 10.4.0
ibm cognos controller 10.4.1
ibm security guardium data encryption 3.0.0.2
ibm cognos controller 10.4.2
ibm sterling b2b integrator 6.1.0.0
ibm sterling b2b integrator 6.0.3.5
Denotes that component is vulnerable