CVE-2018-1275

Impact:
Critical
Public Date:
2018-04-09
CWE:
CWE-20
Bugzilla:
1565307: CVE-2018-1275 spring-framework: Address partial fix for CVE-2018-1270

The MITRE CVE dictionary describes this issue as:

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.

Find out more about CVE-2018-1275 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 9.8
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Impact High
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat OpenShift Application Runtimes 1.0 RHSA-2018:1320 2018-05-03
Red Hat JBoss Fuse 6.3 RHSA-2018:2939 2018-10-17

Affected Packages State

Platform Package State
Red Hat Virtualization 4 rhevm-dependencies Not affected
Red Hat Mobile Application Platform On-Premise 4 spring Not affected
Red Hat JBoss Web Server 3 tomcat Not affected
Red Hat JBoss Fuse 7 spring Not affected
Red Hat JBoss EWS 2 tomcat Not affected
Red Hat JBoss EAP 7 undertow Not affected
Red Hat JBoss EAP 6 jbossweb Not affected
Red Hat JBoss EAP 5 jbossweb Not affected
Red Hat JBoss Data Virtualization 6 spring Not affected
Red Hat JBoss BRMS 6 spring Not affected
Red Hat JBoss A-MQ 6 spring Not affected
Red Hat Gluster Storage 3 rhevm-dependencies Not affected
Red Hat Enterprise Linux 8 springframework Not affected
Last Modified

CVE description copyright © 2017, The MITRE Corporation