Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2018-11039

Disclosure Date: June 25, 2018
CVE-2018-11039 CVSS v3 Base Score: 5.9
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
5.9 Medium
Impact Score:
3.6
Exploitability Score:
2.2
Vector:
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
None

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Spring Framework 5.0.7
Spring Framework 4.3.18
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • debian,
  • oracle,
  • vmware

Products

  • agile plm 9.3.3,
  • agile plm 9.3.4,
  • agile plm 9.3.5,
  • agile plm 9.3.6,
  • application testing suite 12.5.0.3,
  • application testing suite 13.1.0.1,
  • application testing suite 13.2.0.1,
  • application testing suite 13.3.0.1,
  • communications diameter signaling router,
  • communications network integrity,
  • communications online mediation controller 6.1,
  • communications performance intelligence center,
  • communications services gatekeeper,
  • communications unified inventory management 7.3.2,
  • communications unified inventory management 7.3.4,
  • communications unified inventory management 7.3.5,
  • communications unified inventory management 7.4.0,
  • debian linux 9.0,
  • endeca information discovery integrator 3.1.0,
  • endeca information discovery integrator 3.2.0,
  • enterprise manager base platform 12.1.0.5.0,
  • enterprise manager base platform 13.2.0.0.0,
  • enterprise manager base platform 13.3.0.0.0,
  • enterprise manager for mysql database 13.2,
  • enterprise manager ops center 12.3.3,
  • health sciences information manager 3.0,
  • healthcare master person index 3.0,
  • healthcare master person index 4.0,
  • hospitality guest access 4.2.0,
  • hospitality guest access 4.2.1,
  • insurance calculation engine,
  • insurance calculation engine 10.2,
  • insurance rules palette 10.0,
  • insurance rules palette 10.2,
  • micros lucas 2.9.5,
  • mysql enterprise monitor,
  • primavera p6 enterprise project portfolio management 18.8,
  • retail advanced inventory planning 15.0,
  • retail assortment planning 14.1,
  • retail assortment planning 15.0,
  • retail assortment planning 16.0,
  • retail clearance optimization engine 14.0.5,
  • retail customer insights 15.0,
  • retail customer insights 16.0,
  • retail financial integration 13.2,
  • retail financial integration 14.0,
  • retail financial integration 14.1,
  • retail financial integration 15.0,
  • retail financial integration 16.0,
  • retail integration bus 14.1.2,
  • retail markdown optimization 13.4.4,
  • retail predictive application server 14.0.3.26,
  • retail predictive application server 14.1.3.37,
  • retail predictive application server 15.0.3..100,
  • retail predictive application server 16.0,
  • retail xstore point of service 7.1,
  • spring framework,
  • utilities network management system 1.12.0.3,
  • weblogic server 10.3.6.0.0,
  • weblogic server 12.1.3.0.0,
  • weblogic server 12.2.1.3.0
Technical Analysis