Published: 06/04/2018 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 670

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Spring Framework, versions 5.0 before 5.0.5 and versions 4.3 before 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware spring framework
oracle retail xstore point of service 7.1
oracle enterprise manager ops center 12.2.2
oracle primavera gateway 16.2
oracle primavera gateway 15.2
oracle application testing suite 12.5.0.3
oracle retail back office 14.1
oracle retail back office 14.0
oracle enterprise manager ops center 12.3.3
oracle retail open commerce platform 6.0.1
oracle application testing suite 13.1.0.1
oracle application testing suite 13.2.0.1
oracle application testing suite 13.3.0.1
oracle communications diameter signaling router
oracle communications performance intelligence center
oracle insurance rules palette 10.0
oracle insurance rules palette 10.2
oracle communications services gatekeeper
oracle health sciences information manager 3.0
oracle healthcare master person index 3.0
oracle healthcare master person index 4.0
oracle insurance calculation engine 10.2
oracle retail customer insights 15.0
oracle retail customer insights 16.0
oracle tape library acsls 8.4
oracle communications converged application server
oracle service architecture leveraging tuxedo 12.1.3.0.0
oracle service architecture leveraging tuxedo 12.2.2.0.0
oracle retail predictive application server 14.0
oracle retail predictive application server 14.1
oracle retail predictive application server 15.0
oracle retail predictive application server 16.0
oracle retail order broker 5.1
oracle retail order broker 5.2
oracle retail order broker 15.0
oracle retail order broker 16.0
oracle retail open commerce platform 5.3.0
oracle retail open commerce platform 6.0.0
oracle insurance calculation engine 10.2.1
oracle insurance calculation engine 10.1.1
oracle insurance rules palette 10.1
oracle insurance rules palette 11.0
oracle insurance rules palette 11.1
oracle primavera gateway 17.12
oracle big data discovery 1.6.0
oracle goldengate for big data 12.2.0.1
oracle goldengate for big data 12.3.1.1
oracle goldengate for big data 12.3.2.1
oracle retail integration bus 14.0.1
oracle retail integration bus 14.0.2
oracle retail integration bus 14.0.3
oracle retail integration bus 14.0.4
oracle retail integration bus 16.0
oracle retail integration bus 16.0.1
oracle retail integration bus 16.0.2
oracle retail integration bus 15.0.1
oracle retail integration bus 15.0.0.1
oracle retail integration bus 15.0.2
oracle retail integration bus 14.1.1
oracle retail integration bus 14.1.2
oracle retail integration bus 14.1.3
oracle retail returns management 14.0
oracle retail returns management 14.1
oracle retail point-of-sale 14.0
oracle retail point-of-sale 14.1
oracle retail central office 14.0
oracle retail central office 14.1
redhat fuse 1.0.0
debian debian linux 9.0

Synopsis Critical: Red Hat FIS 20 on Fuse 630 R8 security and bug fix update Type/Severity Security Advisory: Critical Topic An update is now available for Red Hat Fuse Integration ServicesRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scor ...

Debian Bug report logs - #895114 libspring-java: CVE-2018-1270 CVE-2018-1272 Package: src:libspring-java; Maintainer for src:libspring-java is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 7 Apr 2018 07:51:01 UTC Severity: gra ...

Spring Framework, versions 50 prior to 505 and versions 43 prior to 4315 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module A malicious user (or attacker) can craft a message to the broker that can lead to a remote code executio ...

Pivotal Spring Java Framework versions 50x and below suffer from a remote code execution vulnerability ...

Spring messaging STOMP protocol RCE

CVE-2018-1270 - Spring messaging Spel 代码执行漏洞昨天 Spring 公布了1个RCE漏洞，了解一下: CVE-2018-1270: Remote Code Execution with spring-messaging 影响版本 Spring Framework 50 to 504 Spring Framework 43 to 4314 这个漏洞对环境没有要求，如果你在使用 spring-messaging + websocket + STOMP，请尽快升级到最新版本；如果

Docker for vulnerability environment with web ui

Docker 集成靶场环境(Web版) 基于docker-compose-ui + vulhub 原地址： githubcom/francescou/docker-compose-ui githubcom/vulhub/vulhub 靶场环境文件更新说明： 1 创建漏洞名称文件，如“Apache解析漏洞” 2 编写漏洞环境的dockerfile文件 3 编写漏洞环境所需的容器配置文件docker-composeyml 4 编写�

A Docker runner for vulnhub environment.

Docker Vuln Runner A Docker runner for docker-based vulnerable environments Table of Contents Overview Install Local Usage Distributed Usage Demo Development Credits License Overview vuln-runner is a tool that allows you to quickly run the docker vulnerable stacks The vulnerable stack actually supported are: vulhub repo At SecSI we found it useful to repro

JavaRce complements project - use RASP to prevent vulnerabilities

PPPRASP By Whoopsunix why jvm-sandbox？发现 jvm-sandbox 从 140 开始支持 Native 的增强，正好写一个简单的 RASP Demo 来熟悉这个 AOP 框架（其实是懒得用从头用 ASM 写）。 AOP 框架、沙箱类隔离等架构优点，很难拒绝基层基于 ASM 实现，框架比较熟悉，后续有更复杂的需求时可以改源码方便虽然没有

map 收集到的工具时间长了可能会遗忘，map项目解决这个问题 theHarvester 收集电子邮件帐户、子域名、虚拟主机和打开端口/信息和雇员姓名（搜索引擎，PGP密钥服务器）。 APTSimulator APT模拟器是一个Windows批处理脚本，它使用一组工具和输出文件使系统看起来好像被破坏了。 knock 子域名收集

CVE-2018-1270 表达式RCE环境

CVE-2018-1270 CVE-2018-1270 表达式RCE环境

CWE-94 https://pivotal.io/security/cve-2018-1270 http://www.securityfocus.com/bid/103696 https://www.exploit-db.com/exploits/44796/http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://access.redhat.com/errata/RHSA-2018:2939 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.oracle.com/security-alerts/cpujul2020.html https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E https://access.redhat.com/errata/RHSA-2018:2939 https://nvd.nist.gov https://github.com/CaledoniaProject/CVE-2018-1270

CVE-2018-1270

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect