RCE in Spring By Pivotal Framework
CVE-2018-1275
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging m…
Vulnerability class: RCE (Remote Code Execution)
EPSS: 0.581 (99.0th percentile) — read the EPSS interpretation.
Affected products
- Spring By Pivotal Framework — versions Versions prior to 5.0.5 and 4.3.16
Weakness classification (CWE)
Public proof-of-concept exploits
References
- 1041301 (vdb-entry, x_refsource_SECTRACK)
- RHSA-2018:2939 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2018:1320 (x_refsource_REDHAT, vendor-advisory)
- 103771 (vdb-entry, x_refsource_BID)
- [activemq-issues] 20190703 [jira] [Created] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) (mailing-list, x_refsource_MLIST)
- [activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar (mailing-list, x_refsource_MLIST)
- [activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar (mailing-list, x_refsource_MLIST)
- www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html (x_refsource_CONFIRM)
- www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html (x_refsource_CONFIRM)
- www.oracle.com/security-alerts/cpujul2020.html (x_refsource_MISC)
Frequently asked questions
- What is CVE-2018-1275?
- CVE-2018-1275 is a vulnerability in Spring By Pivotal Framework, classified under Code Injection. Published 2018-04-11.
- Is CVE-2018-1275 known to be exploited?
- 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.