CVE-2018-1257

high-risk

Published 2018-05-11

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression, denial of service attack.

Do I need to act?

1.2% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (20)

Spring Framework

Openshift

Agile Product Lifecycle Management

Application Testing Suite

Big Data Discovery

Communications Converged Application Server

Communications Diameter Signaling Router

Communications Performance Intelligence Center

Communications Services Gatekeeper

Communications Unified Inventory Management

Endeca Information Discovery Integrator

Affected Vendors

Redhat Oracle Vmware

References (22)

Patch http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Third Party Advisory http://www.securityfocus.com/bid/104260

Third Party Advisory https://access.redhat.com/errata/RHSA-2018:1809

Third Party Advisory https://access.redhat.com/errata/RHSA-2018:3768

Vendor Advisory https://pivotal.io/security/cve-2018-1257

Patch https://www.oracle.com/security-alerts/cpujan2020.html

Patch https://www.oracle.com/security-alerts/cpujul2020.html

Patch https://www.oracle.com/security-alerts/cpuoct2021.html

Patch https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Patch https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Patch https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Patch http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Third Party Advisory http://www.securityfocus.com/bid/104260

Third Party Advisory https://access.redhat.com/errata/RHSA-2018:1809

Third Party Advisory https://access.redhat.com/errata/RHSA-2018:3768

Vendor Advisory https://pivotal.io/security/cve-2018-1257

Patch https://www.oracle.com/security-alerts/cpujan2020.html

Patch https://www.oracle.com/security-alerts/cpujul2020.html

Patch https://www.oracle.com/security-alerts/cpuoct2021.html

Patch https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

and 2 more references

/ 100

high-risk

Severity 24/34 · High

Exploitability 3/34 · Minimal

Exposure 28/34 · Critical