Back to search
CVE-2018-1258
Published: May 11, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
| Vendor | Product | Versions |
|---|---|---|
Pivotal | Spring Framework | affected 5.0.5 |
References
104222
vdb-entry
x_refsource_BID
1041888
vdb-entry
x_refsource_SECTRACK
1041896
vdb-entry
x_refsource_SECTRACK
RHSA-2019:2413
vendor-advisory
x_refsource_REDHAT
https://www.oracle.com/security-alerts/cpuapr2020.html
x_refsource_MISC
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpujul2020.html
x_refsource_MISC
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpujan2020.html
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20181018-0002/
x_refsource_CONFIRM
https://pivotal.io/security/cve-2018-1258
x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpujan2021.html
x_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2021.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now