Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDebian
OSDebian9.0Oracle Application Testing Suite
APPOracle12.5.0.313.1.0.113.2.0.113.3.0.1Oracle Big Data Discovery
APPOracle1.6.0Oracle Communications Converged Application Server
APPOracle< 7.0.0.1Oracle Communications Diameter Signaling Router
APPOracle< 8.3Oracle Communications Performance Intelligence Center
APPOracle< 10.2.1Oracle Communications Services Gatekeeper
APPOracle< 6.1.0.4.0Oracle Enterprise Manager Ops Center
APPOracle12.2.212.3.3Oracle Goldengate For Big Data
APPOracle12.2.0.112.3.1.112.3.2.1Oracle Healthcare Master Person Index
APPOracle3.04.0Oracle Health Sciences Information Manager
APPOracle3.0Oracle Insurance Calculation Engine
APPOracle10.1.110.210.2.1Oracle Insurance Rules Palette
APPOracle10.010.110.211.011.1Oracle Primavera Gateway
APPOracle15.216.217.12Oracle Retail Back Office
APPOracle14.014.1Oracle Retail Central Office
APPOracle14.014.1Oracle Retail Customer Insights
APPOracle15.016.0Oracle Retail Integration Bus
APPOracle14.0.114.0.214.0.314.0.414.1.114.1.214.1.315.0.0.115.0.115.0.216.016.0.116.0.2Oracle Retail Open Commerce Platform
APPOracle5.3.06.0.06.0.1Oracle Retail Order Broker
APPOracle15.016.05.15.2Oracle Retail Point Of Sale
APPOracle14.014.1Oracle Retail Predictive Application Server
APPOracle14.014.115.016.0Oracle Retail Returns Management
APPOracle14.014.1Oracle Retail Xstore Point Of Service
APPOracle7.1Oracle Service Architecture Leveraging Tuxedo
APPOracle12.1.3.0.012.2.2.0.0Oracle Tape Library Acsls
APPOracle8.4Red Hat Fuse
APPRedhat1.0.0VMware Spring Framework
APPVmware5.0.0 – 5.0.5 (bez)< 4.3.16
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCE
Referencje
Powiązane podatności
CVE-2026-24061CRITICAL9.8⚠ KEVPL ✓ten sam produkt
GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER
CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
CVE-2025-49113CRITICAL9.9⚠ KEVPL ✓ten sam produkt
RCE przez deserializację PHP w Roundcube Webmail (parametr _from)
CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)
CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki