SB2018051507 - Multiple vulnerabilities in Pivotal Spring Framework

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Improper input validation (CVE-ID: CVE-2018-1257)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the spring-messaging module due to improper processing of messages by applications, which expose Simple Text Orientated Messaging Protocol (STOMP) over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A remote attacker can send a specially crafted message and conduct ReDoS attack.

2) Missing authorization (CVE-ID: CVE-2018-1258)

The vulnerability allows a remote unauthenticated attacker to bypass security restrictions on the target system.

The weakness exists due to improper security restrictions when using Spring Security method security. A remote attacker can submit a specially crafted request, bypass authorization restrictions and gain unauthorized access to certain methods that should be restricted. 

3) Improper input validation (CVE-ID: CVE-2018-1260)

The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists due to improper validation of user-supplied input. A remote attacker can send a specially crafted authorization request to the target authorization endpoint and execute arbitrary code when the resource owner is forwarded to the approval endpoint.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Install update from vendor's website.

References

• https://pivotal.io/security/cve-2018-1257
• https://pivotal.io/security/cve-2018-1258
• https://pivotal.io/security/cve-2018-1260