CVE-2018-1275 — Spring Framework has Improperly Implemented Security Check for Standard

Description

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.

How to fix CVE-2018-1275

To remediate CVE-2018-1275, upgrade the affected package to a fixed version below.

—upgrade to 4.3.16.RELEASE or later

Is CVE-2018-1275 being exploited?

Moderate — EPSS is 38.1%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

from 0, < 4.3.16.RELEASE

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (18)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2018-1275
PATCHgithub.com/spring-projects/spring-framework
WEBaccess.redhat.com/errata/RHSA-2018:1320
WEBaccess.redhat.com/errata/RHSA-2018:2939