
CVE-2011-2730

Published: 05/12/2012 Updated: 09/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

VMware SpringSource Spring Framework prior to 2.5.6.SEC03, 2.5.7.SR023, and 3.x prior to 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote malicious users to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka "Expression Language Injection."

Vulnerability Trend

Vulnerable Products

springsource spring framework (version unspecified)
springsource spring framework 2.5.0
springsource spring framework 2.5.1
springsource spring framework 2.5.2
springsource spring framework 2.5.3
springsource spring framework 2.5.4
springsource spring framework 2.5.5
springsource spring framework 2.5.6
springsource spring framework 2.5.7
springsource spring framework 3.0.0
springsource spring framework 3.0.1
springsource spring framework 3.0.2
springsource spring framework 3.0.3
springsource spring framework 3.0.4

Vendor Advisories

Debian Bug report logs - #670901 Spring: Multiple security issues. Package: libspring-security-2.0-java; Maintainer for libspring-security-2.0-java is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <muehlenhoff@univention.de>; Date: Mon, 30 Apr 2012 07:57:05 UTC ...
It was discovered that the Spring Framework contains an information disclosure vulnerability in the processing of certain Expression Language (EL) patterns, allowing attackers to access sensitive information using HTTP requests. NOTE: This update adds a springJspExpressionSupport context parameter which must be manually set to false when the Spring ...
Synopsis: Important: JBoss Enterprise Application Platform 5.2.0 update. Type/Severity: Security Advisory: Important. Topic: Updated JBoss Enterprise Application Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 6. Th ...
Synopsis: Important: JBoss Enterprise Web Platform 5.2.0 update. Type/Severity: Security Advisory: Important. Topic: Updated JBoss Enterprise Web Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Securi ...
Synopsis: Important: JBoss Enterprise Web Platform 5.2.0 update. Type/Severity: Security Advisory: Important. Topic: Updated JBoss Enterprise Web Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Securi ...
Synopsis: Important: JBoss Enterprise Web Platform 5.2.0 update. Type/Severity: Security Advisory: Important. Topic: JBoss Enterprise Web Platform 5.2.0, which fixes multiple security issues, various bugs, and adds several enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Respons ...
Synopsis: Important: JBoss Enterprise Application Platform 5.2.0 update. Type/Severity: Security Advisory: Important. Topic: Updated JBoss Enterprise Application Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 5. Th ...
Synopsis: Important: JBoss Enterprise Application Platform 5.2.0 update. Type/Severity: Security Advisory: Important. Topic: JBoss Enterprise Application Platform 5.2.0, which fixes multiple security issues, various bugs, and adds several enhancements, is now available from the Red Hat Customer Portal. The Red Hat ...
Synopsis: Important: JBoss Enterprise SOA Platform 5.3.1 update. Type/Severity: Security Advisory: Important. Topic: JBoss Enterprise SOA Platform 5.3.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team h ...