CVE-2018-15756

Published: 18/10/2018 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Spring Framework, version 5.1, versions 5.0.x before 5.0.10, versions 4.3.x before 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This vulnerability affects applications that depend on either spring-webmvc or spring-webflux. Such applications must also have a registration for serving static resources (e.g. JS, CSS, images, and others), or have an annotated controller that returns an org.springframework.core.io.Resource. Spring Boot applications that depend on spring-boot-starter-web or spring-boot-starter-webflux are ready to serve static resources out of the box and are therefore vulnerable.
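As an added example, not code from the Spring Framework or from this advisory, the Python below shows the kind of Range header validation a server-side handler can apply before it builds a multi-range response: it caps the number of range-specs, rejects overlapping ranges, and separates malformed or abusive headers (ignored, the whole resource is served once) from unsatisfiable ones (416). The limit MAX_RANGES = 100, the status mapping and the sample headers in the test are assumptions constructed for this example, not the framework's own constants or behaviour.

```python
import re
from typing import List, Optional, Tuple

MAX_RANGES = 100  # assumed policy value for this example, not a framework constant

# One byte-range-spec: "first-last", "first-" or "-suffix_length"
_SPEC = re.compile(r"^(\d*)-(\d*)$")


class RangeRejected(ValueError):
    """Raised when a Range header must not be honoured; kind is
    'malformed', 'abusive' or 'unsatisfiable'."""

    def __init__(self, kind: str, detail: str):
        super().__init__(f"{kind}: {detail}")
        self.kind = kind


def parse_ranges(header: str, length: int) -> List[Tuple[int, int]]:
    """Turn 'bytes=a-b, c-, -n' into absolute inclusive (start, end) pairs
    within a resource of `length` bytes, enforcing a range count limit and
    refusing overlapping ranges so the work done is bounded by the resource size."""
    if length <= 0:
        raise RangeRejected("unsatisfiable", "empty resource")
    if not header.startswith("bytes="):
        raise RangeRejected("malformed", "unsupported range unit")
    specs = [s.strip() for s in header[len("bytes="):].split(",") if s.strip()]
    if not specs:
        raise RangeRejected("malformed", "empty range set")
    if len(specs) > MAX_RANGES:
        raise RangeRejected("abusive", f"{len(specs)} ranges exceeds limit of {MAX_RANGES}")

    ranges: List[Tuple[int, int]] = []
    for spec in specs:
        m = _SPEC.match(spec)
        if not m or (m.group(1) == "" and m.group(2) == ""):
            raise RangeRejected("malformed", f"bad range-spec {spec!r}")
        first, last = m.group(1), m.group(2)
        if first == "":
            # Suffix range: the last n bytes of the resource.
            n = int(last)
            if n == 0:
                raise RangeRejected("unsatisfiable", "suffix length of zero")
            start, end = max(0, length - n), length - 1
        else:
            start = int(first)
            if last == "":
                end = length - 1
            else:
                end = int(last)
                if end < start:
                    raise RangeRejected("malformed", f"last-byte-pos before first-byte-pos in {spec!r}")
                end = min(end, length - 1)
            if start >= length:
                raise RangeRejected("unsatisfiable", f"{spec!r} starts past the end of the resource")
        ranges.append((start, end))

    # Overlap check: after sorting by start, any range that begins at or before
    # its predecessor's end overlaps it.
    ordered = sorted(ranges)
    for (s1, e1), (s2, e2) in zip(ordered, ordered[1:]):
        if s2 <= e1:
            raise RangeRejected("abusive", f"ranges {(s1, e1)} and {(s2, e2)} overlap")
    return ranges


def range_response_status(
    header: Optional[str], length: int
) -> Tuple[int, Optional[List[Tuple[int, int]]]]:
    """Map a Range header to (status, ranges): 206 for an acceptable partial
    request, 200 when the header is ignored (missing, malformed or abusive),
    416 when no byte of the resource can satisfy it."""
    if header is None:
        return 200, None
    try:
        return 206, parse_ranges(header, length)
    except RangeRejected as exc:
        if exc.kind == "unsatisfiable":
            return 416, None
        # Malformed or abusive: serve the whole resource once, which costs
        # at most one copy of the resource rather than one copy per range.
        return 200, None
```

Ignoring an abusive header rather than answering it with an error keeps the handler within the behaviour HTTP already permits for servers that choose not to support a range request, while bounding the bytes written to the size of the resource.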

Vulnerable Products

vmware spring framework
vmware spring framework 5.1.0
oracle flexcube private banking 12.1.0
oracle insurance policy administration j2ee 10.2.0
oracle retail xstore point of service 7.1
oracle weblogic server 12.1.3.0.0
oracle retail invoice matching 13.0
oracle flexcube private banking 12.0.1
oracle primavera gateway 16.2
oracle primavera gateway 15.2
oracle retail invoice matching 12.0
oracle flexcube private banking 12.0.3
oracle insurance rules palette 10.2.0
oracle retail service backbone 15.0
oracle retail integration bus 15.0
oracle weblogic server 10.3.6.0.0
oracle weblogic server 12.2.1.3.0
oracle communications unified inventory management 7.3
oracle enterprise manager ops center 12.3.3
oracle webcenter sites 12.2.1.3.0
oracle endeca information discovery integrator 3.2.0
oracle insurance rules palette 10.0
oracle insurance rules palette 10.2
oracle healthcare master person index 3.0
oracle insurance calculation engine 10.2
oracle retail predictive application server 16.0
oracle retail order broker 5.1
oracle retail order broker 5.2
oracle retail order broker 15.0
oracle retail order broker 16.0
oracle insurance rules palette 10.1
oracle insurance rules palette 11.0
oracle primavera gateway 17.12
oracle retail integration bus 16.0
oracle retail assortment planning 15.0
oracle communications converged application server - service controller 6.1
oracle communications online mediation controller 6.1
oracle retail predictive application server 15.0.3
oracle retail clearance optimization engine 14.0.5
oracle agile plm 9.3.3
oracle agile plm 9.3.4
oracle agile plm 9.3.5
oracle agile plm 9.3.6
oracle retail assortment planning 16.0
oracle retail financial integration 14.0
oracle retail financial integration 14.1
oracle retail financial integration 15.0
oracle retail financial integration 16.0
oracle communications unified inventory management 7.4.0
oracle retail invoice matching 13.1
oracle retail invoice matching 13.2
oracle retail invoice matching 14.0
oracle retail invoice matching 14.1
oracle insurance policy administration j2ee 10.0
oracle insurance policy administration j2ee 10.2
oracle weblogic server 12.2.1.4.0
oracle rapid planning 12.1
oracle rapid planning 12.2
oracle mysql enterprise monitor
oracle communications element manager 8.2.0
oracle communications element manager 8.2.1
oracle communications element manager 8.1.1
oracle enterprise manager for fusion applications 13.3.0.0
oracle communications session report manager 8.1.1
oracle communications session report manager 8.2.0
oracle communications session report manager 8.2.1
oracle communications session route manager 8.1.1
oracle communications session route manager 8.2.0
oracle communications session route manager 8.2.1
oracle goldengate application adapters 12.3.2.1.0
oracle identity manager connector 9.0
oracle communications diameter signaling router 8.2.1
oracle communications diameter signaling router 8.0.0
oracle communications diameter signaling router 8.1
oracle communications diameter signaling router 8.2
oracle retail service backbone 16.0
oracle retail integration bus 15.0.3
oracle financial services analytical applications infrastructure
oracle primavera gateway 18.8.0
oracle communications session route manager 8.0.0
oracle communications session route manager 8.1.0
oracle communications session report manager 8.0.0
oracle communications session report manager 8.1.0
oracle tape library acsls 8.5
oracle retail predictive application server 14.0.3
oracle retail integration bus 16.0.3
oracle insurance rules palette 10.2.4
oracle insurance rules palette 11.0.2
oracle insurance rules palette 11.1.0
oracle insurance rules palette 11.2.0
oracle insurance policy administration j2ee 10.2.4
oracle insurance policy administration j2ee 11.1.0
oracle insurance policy administration j2ee 11.2.0
oracle healthcare master person index 4.0.2
oracle retail predictive application server 14.1.3
oracle retail advanced inventory planning 15.0
oracle communications brm - elastic charging engine 12.0
oracle communications brm - elastic charging engine 11.3
oracle retail predictive application server 16.0.3
oracle retail markdown optimization 13.4.4
oracle retail predictive application server 14.1.3.37
oracle retail predictive application server 14.0.3.26
oracle retail predictive application server 15.0.3.100
oracle retail service backbone 16.0.1
oracle communications converged application server - service controller 6.0
oracle insurance policy administration j2ee 10.1
oracle insurance policy administration j2ee 11.0
oracle insurance calculation engine 9.7
oracle insurance calculation engine 10.0
oracle insurance calculation engine 10.1
oracle primavera analytics 18.8
debian debian linux 9.0

Vendor Advisories

Debian Bug report logs - #911786 libspring-java: CVE-2018-15756 Package: src:libspring-java; Maintainer for src:libspring-java is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 24 Oct 2018 19:06:01 UTC Severity: important Tags: ...
Synopsis Important: Red Hat AMQ Broker 7.4.4 release and security update Type/Severity Security Advisory: Important Topic Red Hat AMQ Broker 7.4.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability ...
Synopsis Important: Red Hat Fuse 7.6.0 security update Type/Severity Security Advisory: Important Topic A minor version update (from 7.5 to 7.6) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security h ...
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A ...

References

CWE: NVD-CWE-noinfo

https://pivotal.io/security/cve-2018-15756
http://www.securityfocus.com/bid/105703
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00022.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://lists.apache.org/thread.html/a3071e11c6fbd593022074ec1b4693f6d948c2b02cfa4a5d854aed68%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/339fd112517e4873695b5115b96acdddbfc8f83b10598528d37c7d12%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/d6a84f52db89804b0ad965f3ea2b24bb880edee29107a1c5069cc3dd%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/bb354962cb51fff65740d5fb1bc2aac56af577c06244b57c36f98e4d%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/7b156ee50ba3ecce87b33c06bf7a749d84ffee55e69bfb5eca88fcc3%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/77886fec378ee6064debb1efb6b464a4a0173b2ff0d151ed86d3a228%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/8a1fe70534fc52ff5c9db5ac29c55657f802cbefd7e9d9850c7052bd%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/efaa52b0aa67aae7cbd9e6ef96945387e422d7ce0e65434570a37b1d%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/f8905507a2c94af6b08b72d7be0c4b8c6660e585f00abfafeccc86bc%40%3Cissues.activemq.apache.org%3E
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911786
https://nvd.nist.gov