Vulnerability CVE-2018-11040


Published: 2018-06-25

Description:
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. Neither is enabled by default in Spring Framework or Spring Boot; however, once MappingJackson2JsonView is configured in an application, JSONP support is automatically ready to use through the "jsonp" and "callback" JSONP query parameters, enabling cross-domain requests.
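
The configuration-level mitigation the description implies, shown as an added example rather than code from the advisory or the Spring project: a MappingJackson2JsonView bean that explicitly clears its JSONP parameter names, so the "jsonp" and "callback" query parameters are ignored and the view only ever emits plain JSON. The class name JsonViewConfig and the assumption that the application's existing view resolver picks up this bean are the example's own.

```java
import java.util.Collections;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.view.json.MappingJackson2JsonView;

// Hypothetical configuration class; assumes a BeanNameViewResolver or
// ContentNegotiatingViewResolver already resolves views from this context.
@Configuration
public class JsonViewConfig {

    // Weak form, as wired in many affected 4.3.x / 5.0.x applications:
    // a bare MappingJackson2JsonView keeps the built-in JSONP parameter
    // names, so a request carrying ?jsonp=fn or ?callback=fn is answered
    // with fn({...}) instead of plain JSON, which a third-party origin can
    // load via a <script> tag.
    //
    //   MappingJackson2JsonView view = new MappingJackson2JsonView();
    //   return view;

    @Bean
    public MappingJackson2JsonView jsonView() {
        MappingJackson2JsonView view = new MappingJackson2JsonView();
        // Hardened form: an empty set of JSONP parameter names means no query
        // parameter can switch the response into JSONP, regardless of the
        // framework version's defaults. Setting it explicitly is defense in
        // depth even after upgrading to 5.0.7 / 4.3.18.
        view.setJsonpParameterNames(Collections.emptySet());
        return view;
    }
}
```

Detecting the weak form in an existing code base is a matter of finding every `new MappingJackson2JsonView()` (and any subclass of AbstractJsonpResponseBodyAdvice) and confirming the JSONP parameter names are cleared or the advice is removed; upgrading to the fixed releases remains the primary remediation.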

Type:

CWE-829

(Inclusion of Functionality from Untrusted Control Sphere)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: None
Availability impact: None
Affected software
Pivotal software -> Spring framework 
Oracle -> Utilities network management system 
Oracle -> Weblogic server 
Oracle -> Agile product lifecycle management 
Oracle -> Application testing suite 
Oracle -> Communications unified inventory management 
Oracle -> Endeca information discovery integrator 
Oracle -> Enterprise manager 
Oracle -> Enterprise manager ops center 
Oracle -> Flexcube private banking 
Oracle -> Healthcare master person index 
Oracle -> Hospitality guest access 
Oracle -> Insurance rules palette 
Oracle -> Micros lucas 
Oracle -> Mysql enterprise monitor 
Oracle -> Product lifecycle management 
Oracle -> Retail customer insights 

References:
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://pivotal.io/security/cve-2018-11040
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Copyright 2021, cxsecurity.com
