exploitDog

BDU:2019-01754

Published: 18 Oct 2018
Source: fstec
CVSS3: 7.5
CVSS2: 7.8
EPSS: Medium

Description

The vulnerability in the implementation of the ResourceHttpRequestHandler class of the Spring Framework software platform is related to resource management errors. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service.

Vendor

Oracle Corp.
Pivotal Software Inc.
АО «Концерн ВНИИНС»

Software name

WebLogic Server
Enterprise Manager Ops Center
Oracle Endeca Information Discovery Integrator
WebCenter Sites
Spring Framework
Oracle Retail Invoice Matching
Oracle Retail Order Broker
Enterprise Manager Base Platform
Oracle Communications Unified Inventory Management
Oracle FLEXCUBE Private Banking
Oracle Utilities Network Management System
Insurance Policy Administration J2EE
Primavera Gateway
Financial Services Analytical Applications Infrastructure
Oracle Retail Clearance Optimization Engine
Oracle Retail Markdown Optimization
Tape Library ACSLS
Communications Online Mediation Controller
Primavera Analytics
GoldenGate
Retail Integration Bus
Communications Converged Application Server
Oracle Retail Predictive Application Server
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Communications Diameter Signaling Router
Oracle Agile PLM Framework
Identity Manager Connector
Oracle Insurance Calculation Engine
Oracle Insurance Rules Palette
MySQL Enterprise Monitor
Retail Advanced Inventory Planning
Oracle Retail Financial Integration
Oracle Retail Service Backbone
Oracle GoldenGate Application Adapters
Oracle Healthcare Master Person Index
Enterprise Manager for Fusion Applications
ОС ОН «Стрелец»

Software version

10.3.6.0.0 (WebLogic Server)
12.1.3.0.0 (WebLogic Server)
12.3.3 (Enterprise Manager Ops Center)
3.2.0 (Oracle Endeca Information Discovery Integrator)
12.2.1.3.0 (WebLogic Server)
12.2.1.3.0 (WebCenter Sites)
from 4.2.0 to 4.2.9 inclusive (Spring Framework)
from 4.3.0 to 4.3.20 (Spring Framework)
from 5.0.0 to 5.0.10 (Spring Framework)
12.0 (Oracle Retail Invoice Matching)
13.0 (Oracle Retail Invoice Matching)
13.1 (Oracle Retail Invoice Matching)
13.2 (Oracle Retail Invoice Matching)
14.0 (Oracle Retail Invoice Matching)
14.1 (Oracle Retail Invoice Matching)
5.1 (Oracle Retail Order Broker)
5.2 (Oracle Retail Order Broker)
15.0 (Oracle Retail Order Broker)
16.0 (Oracle Retail Order Broker)
13.2.0.0.0 (Enterprise Manager Base Platform)
13.3.0.0.0 (Enterprise Manager Base Platform)
12.1.0.5.0 (Enterprise Manager Base Platform)
7.3.2 (Oracle Communications Unified Inventory Management)
7.3.4 (Oracle Communications Unified Inventory Management)
7.3.5 (Oracle Communications Unified Inventory Management)
2.0.0.0 (Oracle FLEXCUBE Private Banking)
2.2.0.1 (Oracle FLEXCUBE Private Banking)
12.0.1.0 (Oracle FLEXCUBE Private Banking)
12.0.3.0 (Oracle FLEXCUBE Private Banking)
12.1.0.0 (Oracle FLEXCUBE Private Banking)
1.12.0.3 (Oracle Utilities Network Management System)
10.0 (Insurance Policy Administration J2EE)
10.2 (Insurance Policy Administration J2EE)
15.2 (Primavera Gateway)
16.2 (Primavera Gateway)
17.12 (Primavera Gateway)
18.8 (Primavera Gateway)
from 8.0.2 to 8.0.8 inclusive (Financial Services Analytical Applications Infrastructure)
14.0.5 (Oracle Retail Clearance Optimization Engine)
13.4.4 (Oracle Retail Markdown Optimization)
7.3 (Oracle Communications Unified Inventory Management)
7.4 (Oracle Communications Unified Inventory Management)
8.5 (Tape Library ACSLS)
6.1 (Communications Online Mediation Controller)
18.8 (Primavera Analytics)
12.3.2.1.0 (GoldenGate)
15.0 (Retail Integration Bus)
16.0 (Retail Integration Bus)
6.0 (Communications Converged Application Server)
6.1 (Communications Converged Application Server)
16.0 (Oracle Retail Predictive Application Server)
14.0.3.26 (Oracle Retail Predictive Application Server)
14.1.3.37 (Oracle Retail Predictive Application Server)
15.0.3.100 (Oracle Retail Predictive Application Server)
8.0.0 (Oracle Communications Session Report Manager)
8.1.0 (Oracle Communications Session Report Manager)
8.1.1 (Oracle Communications Session Report Manager)
8.0.0 (Oracle Communications Session Route Manager)
8.1.0 (Oracle Communications Session Route Manager)
8.1.1 (Oracle Communications Session Route Manager)
8.0.0 (Communications Diameter Signaling Router)
8.1.0 (Communications Diameter Signaling Router)
8.2.0 (Communications Diameter Signaling Router)
8.2.1 (Communications Diameter Signaling Router)
from 9.3.3 to 9.3.6 inclusive (Oracle Agile PLM Framework)
9.0 (Identity Manager Connector)
9.7 (Oracle Insurance Calculation Engine)
10.0 (Oracle Insurance Calculation Engine)
10.1 (Oracle Insurance Calculation Engine)
10.2 (Oracle Insurance Calculation Engine)
10.1 (Insurance Policy Administration J2EE)
11.0 (Insurance Policy Administration J2EE)
10.0 (Oracle Insurance Rules Palette)
10.1 (Oracle Insurance Rules Palette)
10.2 (Oracle Insurance Rules Palette)
11.0 (Oracle Insurance Rules Palette)
from 4.0.0 to 4.0.9 inclusive (MySQL Enterprise Monitor)
from 8.0.0 to 8.0.14 inclusive (MySQL Enterprise Monitor)
15.0 (Retail Advanced Inventory Planning)
14.0 (Oracle Retail Financial Integration)
14.1 (Oracle Retail Financial Integration)
15.0 (Oracle Retail Financial Integration)
16.0 (Oracle Retail Financial Integration)
16.0.1 (Oracle Retail Service Backbone)
12.3.2.1.0 (Oracle GoldenGate Application Adapters)
3.0 (Oracle Healthcare Master Person Index)
13.3.0.0 (Enterprise Manager for Fusion Applications)
prior to 16.01.2023 (ОС ОН «Стрелец»)

Software type

Network software
Application software for information systems
Security software
Software of a network hardware/software appliance
Operating system

Operating systems and hardware platforms

АО «Концерн ВНИИНС» ОС ОН «Стрелец» prior to 16.01.2023

Vulnerability severity level

High severity (CVSS 2.0 base score is 7.8)
High severity (CVSS 3.0 base score is 7.5)

Possible remediation measures

Follow the recommendations:
For the Spring Framework software platform:
https://pivotal.io/security/cve-2018-15756
For Oracle Corp. software products:
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/security-alerts/cpujul2019.html
https://www.oracle.com/security-alerts/cpuoct2019.html
https://www.oracle.com/security-alerts/cpuapr2019.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
For ОС ОН «Стрелец»:
Update the libspring-java software package to version 4.3.5-1+deb9u1

Vulnerability status

Confirmed by the vendor

Exploit availability

Data being verified

Remediation information

Vulnerability fixed

Identifiers in other vulnerability description systems

EPSS: 0.13593 (percentile: 94%, Medium)
CVSS3: 7.5 High
CVSS2: 7.8 High

Related vulnerabilities

CVSS3: 7.5
ubuntu
more than 6 years ago

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This vulnerability affects applications that depend on either spring-webmvc or spring-webflux. Such applications must also have a registration for serving static resources (e.g. JS, CSS, images, and others), or have an annotated controller that returns an org.springframework.core.io.Resource. Spring Boot applications that depend on spring-boot-starter-web or spring-boot-starter-webflux are ready to serve static resources out of the box and are therefore vulnerable.

CVSS3: 3.1
redhat
more than 6 years ago

CVSS3: 7.5
nvd
more than 6 years ago

CVSS3: 7.5
debian
more than 6 years ago

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, version ...

CVSS3: 7.5
github
about 5 years ago

Denial of Service in Spring Framework
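The related-vulnerability text above describes the mechanism: a Range header carrying a very large number of ranges, or wide ranges that overlap, makes the static-resource handler do far more work than the resource itself justifies. The validator below, an added example that is not code from this page or from the Spring Framework project, shows the two checks a hardened resource handler needs before it honours a Range header: a cap on the number of ranges (the limit of 100 is an assumption chosen for this example) and a rejection of range sets that overlap or whose combined size exceeds the resource length. Function names, the ByteRange type and the sample headers are constructed for this example.

```python
"""Validate an HTTP Range header before a static-resource handler honours it.

Added example (not code from the exploitDog page or from Spring Framework).
Implements the defensive checks against the advisory's pattern: too many
ranges, and wide or overlapping ranges whose total exceeds the resource.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import List, Optional

MAX_RANGES = 100  # assumption: maximum number of byte ranges accepted per request

_RANGE_SPEC = re.compile(r"^(\d*)-(\d*)$")  # "a-b", "a-" or "-n" per RFC 7233


class RangeRejected(ValueError):
    """Raised when the header must be refused (416) or ignored by the handler."""


@dataclass(frozen=True)
class ByteRange:
    start: int
    end: int  # inclusive, as in RFC 7233

    @property
    def length(self) -> int:
        return self.end - self.start + 1


def parse_ranges(header: str, resource_length: int) -> List[ByteRange]:
    """Parse 'bytes=a-b,c-,-n' into absolute, in-bounds ranges."""
    if not header.startswith("bytes="):
        raise RangeRejected("unsupported range unit")
    specs = [s.strip() for s in header[len("bytes="):].split(",")]
    # Check 1: refuse before parsing anything if the count alone is abusive.
    if len(specs) > MAX_RANGES:
        raise RangeRejected(f"too many ranges: {len(specs)} > {MAX_RANGES}")
    ranges: List[ByteRange] = []
    for spec in specs:
        m = _RANGE_SPEC.match(spec)
        if not m or (m.group(1) == "" and m.group(2) == ""):
            raise RangeRejected(f"malformed range spec: {spec!r}")
        first, last = m.group(1), m.group(2)
        if first == "":
            # Suffix range "-n": the last n bytes of the resource.
            n = min(int(last), resource_length)
            start, end = resource_length - n, resource_length - 1
        else:
            start = int(first)
            # Open-ended "a-" runs to the end; an oversized "b" is clamped.
            end = resource_length - 1 if last == "" else min(int(last), resource_length - 1)
        if start >= resource_length or start > end:
            raise RangeRejected(f"unsatisfiable range: {spec!r}")
        ranges.append(ByteRange(start, end))
    return ranges


def check_ranges(ranges: List[ByteRange], resource_length: int) -> List[ByteRange]:
    """Check 2: the ranges must not overlap and must not add up to more than the resource."""
    total = sum(r.length for r in ranges)
    if total > resource_length:
        raise RangeRejected(f"ranges cover {total} bytes of a {resource_length}-byte resource")
    ordered = sorted(ranges, key=lambda r: r.start)
    for prev, cur in zip(ordered, ordered[1:]):
        if cur.start <= prev.end:
            raise RangeRejected(f"overlapping ranges: {prev} and {cur}")
    return ranges


def validate_range_header(header: str, resource_length: int) -> List[ByteRange]:
    """Return the accepted ranges or raise RangeRejected."""
    return check_ranges(parse_ranges(header, resource_length), resource_length)


def is_acceptable(header: str, resource_length: int) -> bool:
    """Boolean form for use in a filter: True when the header may be served."""
    try:
        validate_range_header(header, resource_length)
        return True
    except RangeRejected:
        return False


def reject_reason(header: str, resource_length: int) -> Optional[str]:
    """Reason string for logging, or None when the header is acceptable."""
    try:
        validate_range_header(header, resource_length)
        return None
    except RangeRejected as exc:
        return str(exc)


if __name__ == "__main__":
    # Constructed sample headers against a 1000-byte resource.
    for hdr in ("bytes=0-99,200-299", "bytes=0-500,400-600", "bytes=0-999,0-999",
                "bytes=" + ",".join(["0-0"] * 101)):
        print(hdr[:40], "->", reject_reason(hdr, 1000) or "accepted")
```

A handler that refuses the header (or falls back to a full 200 response) when is_acceptable returns False never allocates work proportional to the attacker's range list, which is the resource-management failure the advisory describes; the reason string from reject_reason is worth logging, since a burst of rejections is itself a useful detection signal.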
