{"vulnerability": "CVE-2018-1270", "sightings": [{"uuid": "17f71054-0922-4d0c-a82b-4e6d458e2b5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1270", "type": "seen", "source": "https://t.me/arpsyndicate/1480", "content": "#ExploitObserverAlert\n\nCVE-2018-1270\n\nDESCRIPTION: Exploit Observer has 60 entries related to CVE-2018-1270. Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.\n\nFIRST-EPSS: 0.859620000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-06T12:28:09.000000Z"}, {"uuid": "7cbd8d02-ea7d-4418-8021-f1ca8d04e14a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1270", "type": "seen", "source": "https://t.me/cRyPtHoN_INFOSEC_DE/144", "content": "Patchday: Schwerwiegende Sicherheitsl\u00fccke in SAP HANA Streaming Analytics\n\nSAP hat Updates ver\u00f6ffentlicht, die unter anderem eine kritische Schwachstelle im Software-Portfolio des Herstellers schlie\u00dfen.\n\nAm Patchday in diesem Monat hat der Softwarehersteller SAP elf Sicherheitshinweise ver\u00f6ffentlicht. Besonders Nutzer von SAP HANA Streaming Analytics sollten die verf\u00fcgbaren Updates installieren.\n\nAngreifer k\u00f6nnten Systeme mit der Software mittels einfachen Anfragen aus der Ferne attackieren, um Schadcode auszuf\u00fchren. Die Schwachstelle (CVE-2018-1270, CVE-2018-1275) steckt in verschiedenen Versionen des Spring Framework, dass SAP HANA Streaming Analytics nutzt. SAP stuft den Bedrohungsgrad der L\u00fccke als \"kritisch\" ein.\n\nSchwachstellen in BusinessObjects BI Platform Server, Disclosure Management, Fiori Client und SAP_ABA sind mit \"hoch\" eingestuft. Die betroffenen Versionen der Software kann man im Sicherheitscenter von SAP einsehen.\nNutzen Angreifer die L\u00fccken aus, k\u00f6nnten sie unter anderem Systeme via DoS-Attacke lahmlegen. Sechs L\u00fccken in weiterer Software wie NetWeaver sind mit dem Angriffsrisiko \"mittel\" versehen.\n\nheise.de\n\n\ud83d\udce1 @cRyPtHoN_INFOSEC_DE", "creation_timestamp": "2018-11-15T11:16:14.000000Z"}, {"uuid": "284c716d-652a-47fc-924d-32413356f885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1270", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3675", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2018-1275\n\ud83d\udd25 CVSS Score: 9.8 (CVSS_V3)\n\ud83d\udd39 Description: Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.\n\ud83d\udccf Published: 2018-10-17T20:28:00Z\n\ud83d\udccf Modified: 2025-01-31T19:03:33Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2018-1275\n2. https://github.com/spring-projects/spring-framework/commit/0009806debb578e884f6dc98bd1f2dc668020021\n3. https://github.com/spring-projects/spring-framework/commit/e0de9126ed8cf25cf141d3e66420da94e350708a\n4. https://access.redhat.com/errata/RHSA-2018:1320\n5. https://access.redhat.com/errata/RHSA-2018:2939\n6. https://github.com/spring-projects/spring-framework\n7. https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E\n8. https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E\n9. https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E\n10. https://pivotal.io/security/cve-2018-1275\n11. https://web.archive.org/web/20190901081835/http://www.securitytracker.com/id/1041301\n12. https://web.archive.org/web/20200227033125/http://www.securityfocus.com/bid/103771\n13. https://www.oracle.com/security-alerts/cpujul2020.html\n14. https://www.oracle.com/security-alerts/cpuoct2021.html\n15. https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n16. https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\n17. http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\n18. http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "creation_timestamp": "2025-01-31T19:15:57.000000Z"}]}