Lucene search

K

DellCVELIST:CVE-2018-1258

HistoryMay 09, 2018 - 12:00 a.m.

CVE-2018-1258

2018-05-0900:00:00

dell

www.cve.org

1

9.2 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.2%

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

CNA Affected

[
  {
    "product": "Spring Framework",
    "vendor": "Pivotal",
    "versions": [
      {
        "status": "affected",
        "version": "5.0.5"
      }
    ]
  }
]

References

www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

www.securityfocus.com/bid/104222

www.securitytracker.com/id/1041888

www.securitytracker.com/id/1041896

access.redhat.com/errata/RHSA-2019:2413

pivotal.io/security/cve-2018-1258

security.netapp.com/advisory/ntap-20181018-0002/

www.oracle.com/security-alerts/cpuapr2020.html

www.oracle.com/security-alerts/cpujan2020.html

www.oracle.com/security-alerts/cpujan2021.html

www.oracle.com/security-alerts/cpujul2020.html

www.oracle.com/security-alerts/cpuoct2021.html

www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

9.2 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.2%

Related for CVELIST:CVE-2018-1258

redhatcve1 osv1 veracode1 prion1 ubuntucve1 github1 f51 cve1 nvd1 symantec1 nessus7 redhat1 myhack581 ibm1 oracle10