7.5
HIGH

CVE-2018-1273

Published: 11/04/2018 Updated: 21/07/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

Vulnerability Summary

Pivotal Spring Data Commons and Data REST code execution

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.

Pivotal Spring Data Commons and Data REST could allow a remote attacker to execute arbitrary code on the system, caused by an improper neutralization of special elements. By sending specially crafted request parameters against Spring Data REST backed HTTP resources, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Complexity: LOW
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Vulnerability Trend

Affected Products

Vendor Product Versions
Pivotal SoftwareSpring Data Commons1.12.10, 1.13.0, 1.13.1, 1.13.2, 1.13.3, 1.13.4, 1.13.5, 1.13.6, 1.13.7, 1.13.8, 1.13.9, 1.13.10, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5
Pivotal SoftwareSpring Data Rest2.5.10, 2.6, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5

Vendor Advisories

Spring Data Commons, versions prior to 113 to 11310, 20 to 205, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or ...

Github Repositories

CVE-2018-1273 This is part of Cved: a tool to manage vulnerable docker containers Cved: gitlabcom/git-rep/cved Image source: githubcom/cved-sources/cve-2018-1273 Image author: githubcom/Medicean/VulApps/tree/master/s/spring/2

CVE-2018-1273 Environment for CVE-2018-1273 CVE-2018-1273: RCE with Spring Data Commons pivotalio/security/cve-2018-1273 Application githubcom/spring-projects/spring-data-examples/tree/master/web/example Build $ docker build -t cve-2018-1273 Run $ docker run -d -p 8080:8080 cve-2018-1273 Web localhost:8080/users/ Attack $ curl -v -d 'username[

CVE-2018-1273 Spring Data Commons, versions prior to 113 to 11310, 20 to 205, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Dat

CVE-2018-1273 Spring Data Commons, versions prior to 113 to 11310, 20 to 205, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Dat

DISCLAIMER: This repository is supplementary to the VGS blog post, How to Avoid "Using Components with Known Vulnerabilities" It contains an application with a known security vulnerability (namely, CVE-2017-8046), as well as the description of how to exploit it Use the application at your own risk! Setting Up First, start the application by executing the following c

我的漏洞复现记录(持续更新中) TYPE VERSION CVE-NO STATUS RESULT REFERENCE apache CVE-2016-5003 FINISH FAIL 0ang3elblogspotru/2016/07/beware-of-ws-xmlrpc-library-in-yourhtml CVE-2016-5002 FINISH PASS 0ang3elblogspotru/2016/07/beware-of-ws-xmlrpc-library-in-yourhtml 中间件漏洞 Tomcat 7086 CVE-2016-8735 FINISH PASS gv7

gocarts(go-CERT-alerts-summarizer) gocarts checks alerts of X-CERT (eg JPCERT, US-CERT) This project refers to knqyf263/gost Abstract gocarts is written in Go, and therefore you can just grab the binary releases and drop it in your $PATH gocarts summarizes alerts by CVE ID You can search alert's detail by CVE ID Main features gocarts has the following features S

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :

References