Vulnerability CVE-2018-1272


Published: 2018-04-06

Description:
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could to lead privilege escalation, for example, if the part content represents a username or user roles.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6/10
6.4/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Pivotal software -> Spring framework 
Oracle -> Retail order broker 
Oracle -> Application testing suite 
Oracle -> Retail point-of-sale 
Oracle -> Big data discovery 
Oracle -> Retail predictive application server 
Oracle -> Communications diameter signaling router 
Oracle -> Retail returns management 
Oracle -> Enterprise manager ops center 
Oracle -> Service architecture leveraging tuxedo 
Oracle -> Goldengate for big data 
Oracle -> Tape library acsls 
Oracle -> Health sciences information manager 
Oracle -> Healthcare master person index 
Oracle -> Insurance calculation engine 
Oracle -> Insurance rules palette 
Oracle -> Primavera gateway 
Oracle -> Retail back office 
Oracle -> Retail central office 
Oracle -> Retail customer insights 
Oracle -> Retail integration bus 
Oracle -> Retail open commerce platform 

 References:
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103697
https://access.redhat.com/errata/RHSA-2018:1320
https://access.redhat.com/errata/RHSA-2018:2669
https://exchange.xforce.ibmcloud.com/vulnerabilities/141286
https://pivotal.io/security/cve-2018-1272
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Copyright 2020, cxsecurity.com

 

Back to Top