netapp oncommand-insight CVE-2018-1258 vulnerability in NetApp and Other Products
Published on May 11, 2018

product logo product logo product logo product logo product logo
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

Vendor Advisory NVD


Products Associated with CVE-2018-1258

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-1258 are published in these products:

NetApp Oncommand Insight
 
NetApp Oncommand Unified Manager
 
NetApp Oncommand Workflow Automation
 
NetApp Snapcenter
 
NetApp Storage Automation Store
 
Oracle Agile Plm
 
Oracle Application Testing Suite
 
Oracle Big Data Discovery
 
Oracle Communications Converged Application Server
 
Oracle Communications Diameter Signaling Router
 
Oracle Communications Performance Intelligence Center
 
Oracle Communications Services Gatekeeper
 
Oracle Endeca Information Discovery Integrator
 
Oracle Enterprise Manager Mysql Database
 
Oracle Enterprise Manager Ops Center
 
Oracle Enterprise Repository
 
Oracle Goldengate For Big Data
 
Oracle Healthcare Master Person Index
 
Oracle Health Sciences Information Manager
 
Oracle Hospitality Guest Access
 
Oracle Insurance Calculation Engine
 
Oracle Insurance Policy Administration
 
Oracle Insurance Rules Palette
 
Oracle Micros Lucas
 
Oracle Mysql Enterprise Monitor
 
Oracle Peoplesoft Enterprise Fin Install
 
Oracle Retail Assortment Planning
 
Oracle Retail Back Office
 
Oracle Retail Central Office
 
Oracle Retail Customer Insights
 
Oracle Retail Financial Integration
 
Oracle Retail Integration Bus
 
Oracle Retail Point Of Service
 
Oracle Retail Returns Management
 
Oracle Service Architecture Leveraging Tuxedo
 
Oracle Tape Library Acsls
 
Oracle Weblogic Server
 
Pivotal Software Spring Framework
 
Pivotal Software Spring Security
 
Oracle Communications Network Integrity
 
Oracle Retail Xstore Point Of Service
 
Red Hat Fuse
 
VMware Spring Framework
 

Affected Versions

Pivotal Spring Framework Version 5.0.5 is affected by CVE-2018-1258

Exploit Probability

EPSS
0.16%
Percentile
37.38%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.