Lucene search
K

7 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.59 views

K18193959: Spring Framework vulnerability CVE-2018-1258

Security Advisory Description Spring Security in combination with Spring Framework versions prior to 5.0.6 contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted. CVE-2018-1258 Impact Traffix SD...

8.8CVSS7.6AI score0.02427EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/07/24 12:0 a.m.100 views

MySQL Enterprise Monitor 3.4.x < 3.4.10 / 4.x < 4.0.7 / 8.x < 8.0.3 Multiple Vulnerabilities (Oct 2018 CPU)

According to its self-reported version, the MySQL Enterprise Monitor running on the remote host is affected by the following vulnerabilities in its subcomponents: - Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is...

9.8CVSS8AI score0.99993EPSS
Exploits41References4
Tenable Nessus
Tenable Nessus
added 2020/03/05 12:0 a.m.63 views

Oracle GoldenGate for Big Data 12.2.0.1.x < 12.2.0.1.10 / 12.3.1.1.x < 12.3.1.1.6 Multiple Vulnerabilities (Oct 2018 CPU)

The version of Oracle GoldenGate for Big Data application located on the remote host is 12.2.0.1.x less than 12.2.0.1.10 or 12.3.1.1.x less than 12.3.1.1.6. It is, therefore, affected by multiple vulnerabilities : - An unspecified vulnerability exists in Oracle GoldenGate for Big Data. An...

9.8CVSS8.2AI score0.57632EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/04/18 12:0 a.m.110 views

Oracle WebLogic Server Multiple Vulnerabilities (Apr 2019 CPU)

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - An unspecified vulnerability in the Spring Framework allows a low privileged, remote attacker with network access via HTTP to compromise and takeover the Oracle Communications Unified...

9.8CVSS6.5AI score0.39263EPSS
Exploits2References12
OSV
OSV
added 2018/05/11 8:29 p.m.5 views

CVE-2018-1258

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted...

8.8CVSS8.7AI score0.02427EPSS
Exploits0References16
CVE
CVE
added 2018/05/11 8:0 p.m.250 views

CVE-2018-1258

CVE-2018-1258 affects Spring Framework 5.0.5 when used with any Spring Security version, enabling an authorization bypass for method security. An unauthorized user could access restricted methods. The connected advisory from F5 reiterates the same vulnerability description and lists affected prod...

8.8CVSS9AI score0.02427EPSS
Exploits0References16Affected Software2
Symantec
Symantec
added 2018/05/09 12:0 a.m.50 views

Spring Security and Spring Framework CVE-2018-1258 Authorization Bypass Vulnerability

...

6.5CVSS2.3AI score0.02427EPSS
Exploits0Affected Software30
Rows per page
Query Builder