CVE-2018-1273

Severity: CRITICAL · CISA KEV · EPSS 99.9%
Published Apr 11, 2018 · Modified Jun 26, 2026
CVSS 3.1 base score 9.8 (Critical)
KEV Listed Mar 25, 2022 · KEV Due Apr 15, 2022 (1538 days overdue)

Description

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding that can lead to a remote code execution attack.

CVSS Details

Base Score: 9.8
Exploitability: 3.9
Impact: 5.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

CISA Known Exploited Vulnerabilities: Added Mar 25, 2022 · Due Apr 15, 2022 (1538 days overdue)

Apply updates per vendor instructions.

EPSS Exploit Probability: 99.9th percentile
Exploit & Patch Status
Actively Exploited (KEV)
Patch Available

Weaknesses 1

CWE-94: Improper Control of Generation of Code (Code Injection) · Category: Injection

Affected Products 11

Vendor | Product | Version | Range
broadcom | spring_data_commons | * | ≤1.12.10
broadcom | spring_data_commons | * | ≥1.13.0 – ≤1.13.10
broadcom | spring_data_commons | * | ≥2.0.0 – ≤2.0.5
pivotal_software | spring_data_rest | * | ≥3.0.0 – ≤3.0.5
vmware | spring_data_rest | * | ≤2.5.10
vmware | spring_data_rest | * | ≥2.6.0 – ≤2.6.10
apache | ignite | * | ≥1.0.1 – ≤2.5.0
apache | ignite | 1.0.0 | any
apache | ignite | 1.0.0 | any
oracle | financial_services_crime_and_compliance_management_studio | 8.0.8.2.0 | any
oracle | financial_services_crime_and_compliance_management_studio | 8.0.8.3.0 | any

References 4

  • mail-archives.apache.org http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E
    Mailing List, Third Party Advisory
  • pivotal.io https://pivotal.io/security/cve-2018-1273
    Vendor Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-1273
    US Government Resource
  • oracle.com https://www.oracle.com/security-alerts/cpujul2022.html
    Patch, Third Party Advisory

Remediation

  • oracle.com https://www.oracle.com/security-alerts/cpujul2022.html
    Patch, Third Party Advisory