Vulnerability CVE-2018-1270

Vulnerability CVE-2018-1270

Published: 2018-04-06

Description:

	Topic	Author	Date
Med.	Pivotal Spring Java Framework < 5.0 Remote Code Execution	JameelNabbo	30.05.2018

Type:

(Improperly Implemented Security Check for Standard)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
Pivotal software -> Spring framework
Oracle -> Retail open commerce platform
Oracle -> Retail order broker
Oracle -> Application testing suite
Oracle -> Retail point-of-sale
Oracle -> Big data discovery
Oracle -> Retail predictive application server
Oracle -> Communications diameter signaling router
Oracle -> Retail returns management
Oracle -> Enterprise manager ops center
Oracle -> Service architecture leveraging tuxedo
Oracle -> Goldengate for big data
Oracle -> Tape library acsls
Oracle -> Health sciences information manager
Oracle -> Healthcare master person index
Oracle -> Insurance calculation engine
Oracle -> Insurance rules palette
Oracle -> Primavera gateway
Oracle -> Retail back office
Oracle -> Retail central office
Oracle -> Retail customer insights
Oracle -> Retail integration bus

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/103696

https://access.redhat.com/errata/RHSA-2018:2939

https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E

https://pivotal.io/security/cve-2018-1270

https://www.exploit-db.com/exploits/44796/

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html