{ "threat_severity" : "Critical", "public_date" : "2018-04-09T19:00:00Z", "bugzilla" : { "description" : "spring-framework: Address partial fix for CVE-2018-1270", "id" : "1565307", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1565307" }, "cvss3" : { "cvss3_base_score" : "9.8", "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-20", "details" : [ "Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework." ], "affected_release" : [ { "product_name" : "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8", "release_date" : "2018-10-17T00:00:00Z", "advisory" : "RHSA-2018:2939", "cpe" : "cpe:/a:redhat:jboss_fuse:6.3" }, { "product_name" : "Red Hat Openshift Application Runtimes", "release_date" : "2018-05-03T00:00:00Z", "advisory" : "RHSA-2018:1320", "cpe" : "cpe:/a:redhat:openshift_application_runtimes:1.0" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Not affected", "package_name" : "spring", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat JBoss A-MQ 6", "fix_state" : "Not affected", "package_name" : "spring", "cpe" : "cpe:/a:redhat:jboss_amq:6" }, { "product_name" : "Red Hat JBoss BRMS 6", "fix_state" : "Not affected", "package_name" : "spring", "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:6" }, { "product_name" : "Red Hat JBoss Data Virtualization 6", "fix_state" : "Not affected", "package_name" : "spring", "cpe" : "cpe:/a:redhat:jboss_data_virtualization:6" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 5", "fix_state" : "Not affected", "package_name" : "jbossweb", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:5" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 6", "fix_state" : "Not affected", "package_name" : "jbossweb", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "fix_state" : "Not affected", "package_name" : "undertow-core", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7" }, { "product_name" : "Red Hat JBoss Enterprise Web Server 2", "fix_state" : "Not affected", "package_name" : "tomcat", "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:2" }, { "product_name" : "Red Hat JBoss Fuse 6", "fix_state" : "Affected", "package_name" : "spring", "cpe" : "cpe:/a:redhat:jboss_fuse:6", "impact" : "important" }, { "product_name" : "Red Hat JBoss Fuse Integration Service 2", "fix_state" : "Affected", "package_name" : "spring", "cpe" : "cpe:/a:redhat:fuse_integration_services:2", "impact" : "important" }, { "product_name" : "Red Hat JBoss Web Server 3", "fix_state" : "Not affected", "package_name" : "tomcat", "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:3" }, { "product_name" : "Red Hat Mobile Application Platform 4", "fix_state" : "Not affected", "package_name" : "spring", "cpe" : "cpe:/a:redhat:mobile_application_platform:4" }, { "product_name" : "Red Hat Storage 3", "fix_state" : "Not affected", "package_name" : "rhevm-dependencies", "cpe" : "cpe:/a:redhat:storage:3" }, { "product_name" : "Red Hat Virtualization 4", "fix_state" : "Not affected", "package_name" : "rhevm-dependencies", "cpe" : "cpe:/o:redhat:rhev_hypervisor:4" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-1275\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1275" ], "name" : "CVE-2018-1275", "csaw" : false }