CVE-2018-1273

Published Apr 11, 2018

Last updated 3 days ago

Exploit known CVSS critical 9.8

Overview

Description: Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
Source: security_alert@emc.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Known exploits

Data from CISA

Vulnerability name: VMware Tanzu Spring Data Commons Property Binder Vulnerability
Exploit added on: Mar 25, 2022
Exploit action due: Apr 15, 2022
Required action: Apply updates per vendor instructions.

Weaknesses

security_alert@emc.com: CWE-94
nvd@nist.gov: CWE-74

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E09E390C-A088-48E8-B97A-7F21458CF772",
            "versionEndIncluding": "1.12.10"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6FD764D-9F91-4E33-A591-EA8CCC428225",
            "versionEndIncluding": "1.13.10",
            "versionStartIncluding": "1.13.0"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7451B0C3-647A-4D67-B5A8-0CDCEDE0C1C6",
            "versionEndIncluding": "2.0.5",
            "versionStartIncluding": "2.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "833BD8AD-2792-4DCF-843D-16BC2C35B09E",
            "versionEndIncluding": "2.5.10"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64E1B34D-77D8-454F-AA8E-43E9C7DB65A6",
            "versionEndIncluding": "2.6.10",
            "versionStartIncluding": "2.6.0"
          },
          {
            "criteria": "cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "982582FD-1BC2-4431-8AAE-2771A5904FCC",
            "versionEndIncluding": "3.0.5",
            "versionStartIncluding": "3.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:ignite:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F234D76F-9EEA-4BF9-A8C6-56624D0BCF96",
            "versionEndIncluding": "2.5.0",
            "versionStartIncluding": "1.0.1"
          },
          {
            "criteria": "cpe:2.3:a:apache:ignite:1.0.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F78DC740-7A30-4F38-9289-9E0C8EF14D0F"
          },
          {
            "criteria": "cpe:2.3:a:apache:ignite:1.0.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE7DCCD6-7D9E-47EA-8B6E-3B83B5B06E68"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55F091C7-0869-4FD6-AC73-DA697D990304"
          },
          {
            "criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D134C60-F9E2-46C2-8466-DB90AD98439E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Known exploits

Weaknesses

Social media

Configurations

References