CVE-2018-1199

EPSS 1.51%
Veröffentlicht 16.03.2018 20:29:00
Zuletzt bearbeitet 21.11.2024 03:59:22
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

VMware ≫ Spring Framework Version >= 4.3.0 < 4.3.14

VMware ≫ Spring Framework Version >= 5.0.0 < 5.0.3

VMware ≫ Spring Security Version >= 4.1.0 < 4.1.5

VMware ≫ Spring Security Version >= 4.2.0 < 4.2.4

VMware ≫ Spring Security Version >= 5.0.0 < 5.0.1

Redhat ≫ Fuse Version1.0

Oracle ≫ Rapid Planning Version12.1

Oracle ≫ Rapid Planning Version12.2

Oracle ≫ Retail Xstore Point Of Service Version7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.51%	0.804

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.oracle.com/security-alerts/cpujul2020.html

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2405

Third Party Advisory

https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe%40%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c%40%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369%40%3Cissues.activemq.apache.org%3E

https://pivotal.io/security/cve-2018-1199

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-1199

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-1199

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-1199

EUVD