CVE-2017-8046 – Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-8046
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. Spring Data REST versions prior to 2.6.9 (Ingalls SR9) and 3.0.1 (Kay SR1) suffer from a PATCH request remote code execution vulnerability.
• https://www.exploit-db.com/exploits/44289 https://github.com/Soontao/CVE-2017-8046-DEMO https://github.com/guanjivip/CVE-2017-8046 https://github.com/bkhablenko/CVE-2017-8046 https://github.com/sj/spring-data-rest-CVE-2017-8046 http://www.securityfocus.com/bid/100948 https://access.redhat.com/errata/RHSA-2018:2405 https://pivotal.io/security/cve-2017-8046 https://access.redhat.com/security/cve/CVE-2017-8046 https://bugzilla.redhat.com/show_bug.cgi?id=1553024
• CWE-20: Improper Input Validation
CVE-2018-1190
https://notcve.org/view.php?id=CVE-2018-1190
An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.20.2, and UAA bosh v30.x versions prior to v30.8 and all other versions prior to v45.0. A cross-site scripting (XSS) attack is possible in the clientId parameter of a request to the UAA OpenID Connect check session iframe endpoint used for single logout session management.
• http://www.securityfocus.com/bid/102427 https://www.cloudfoundry.org/cve-2018-1190
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2017-8045
https://notcve.org/view.php?id=CVE-2017-8045
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.
• http://www.securityfocus.com/bid/100936 https://pivotal.io/security/cve-2017-8045
• CWE-502: Deserialization of Untrusted Data
CVE-2017-14390
https://notcve.org/view.php?id=CVE-2017-14390
In Cloud Foundry Foundation cf-deployment v0.35.0, a misconfiguration with Loggregator and syslog-drain causes logs to be drained to unintended locations.
• http://www.securityfocus.com/bid/101972 https://www.cloudfoundry.org/cve-2017-14390
CVE-2017-8038
https://notcve.org/view.php?id=CVE-2017-8038
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation on a credential. For installations using ACLs, the ACL was bypassed for the CredHub interpolate endpoint, allowing authenticated applications to view any credential within the CredHub installation.
• https://www.cloudfoundry.org/cve-2017-8038