{"api_version":"1","generated_at":"2026-04-22T22:49:11+00:00","cve":"CVE-2018-1273","urls":{"html":"https://cve.report/CVE-2018-1273","api":"https://cve.report/api/cve/CVE-2018-1273.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-1273","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-1273"},"summary":{"title":"CVE-2018-1273","description":"Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding that can lead to a remote code execution attack.","state":"PUBLIC","assigner":"secure@dell.com","published_at":"2018-04-11 13:29:00","updated_at":"2022-07-25 18:15:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E","name":"[ignite-dev] 20180719 [CVE-2018-1273] Apache Ignite impacted by security vulnerability in Spring Data Commons","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"[CVE-2018-1273] Apache Ignite impacted by security vulnerability in Spring Data Commons","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://pivotal.io/security/cve-2018-1273","name":"https://pivotal.io/security/cve-2018-1273","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"CVE-2018-1273: RCE with Spring Data Commons | Security | VMware Tanzu","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","name":"N/A","refsource":"N/A","tags":[],"title":"Oracle Critical Patch Update Advisory - July 
2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-1273","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1273","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"ignite","cpe6":"1.0.0","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"ignite","cpe6":"1.0.0","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"2.5.0","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"ignite","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"1.12.10","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"pivotal_software","cpe5":"spring_data_commons","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"1.13.10","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"pivotal_software","cpe5":"spring_data_commons","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"2.0.5","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"pivotal_software","cpe5":"spring_data_commons","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_
id":"1273","vulnerable":"1","versionEndIncluding":"2.5.10","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"pivotal_software","cpe5":"spring_data_rest","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"2.6.10","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"pivotal_software","cpe5":"spring_data_rest","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"1273","vulnerable":"1","versionEndIncluding":"3.0.5","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"pivotal_software","cpe5":"spring_data_rest","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2018","cve_id":"1273","cve":"CVE-2018-1273","vendorProject":"VMware Tanzu","product":"Spring Data Commons","vulnerabilityName":"VMware Tanzu Spring Data Commons Property Binder Vulnerability","dateAdded":"2022-03-25","shortDescription":"Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2022-04-15","knownRansomwareCampaignUse":"Known","notes":"https://nvd.nist.gov/vuln/detail/CVE-2018-1273","cwes":"CWE-94","catalogVersion":"2026.04.22","updated_at":"2026-04-22 20:03:10"},"epss":{"cve_year":"2018","cve_id":"1273","cve":"CVE-2018-1273","epss":"0.942880000","percentile":"0.999400000","score_date":"2026-04-21","updated_at":"2026-04-22 00:07:42"},"legacy_qids":[{"cve":"CVE-2018-1273","qid":"983145","title":"Java (maven) Security Update for org.springframework.data:spring-data-commons 
(GHSA-4fq3-mr56-cg6r)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2018-04-10T00:00:00","ID":"CVE-2018-1273","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Spring Framework","version":{"version_data":[{"version_value":"Versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions"}]}}]},"vendor_name":"Spring by Pivotal"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding that can lead to a remote code execution attack."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-94 - Code Injection"}]}]},"references":{"reference_data":[{"name":"[ignite-dev] 20180719 [CVE-2018-1273] Apache Ignite impacted by security vulnerability in Spring Data Commons","refsource":"MLIST","url":"http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"name":"https://pivotal.io/security/cve-2018-1273","refsource":"CONFIRM","url":"https://pivotal.io/security/cve-2018-1273"}]}},"nvd":{"publishedDate":"2018-04-11 13:29:00","lastModifiedDate":"2022-07-25 
18:15:00","problem_types":["CWE-20"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:*","versionStartIncluding":"1.13","versionEndIncluding":"1.13.10","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0","versionEndIncluding":"2.0.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:*","versionEndIncluding":"1.12.10","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6","versionEndIncluding":"2.6.10","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndIncluding":"3.0.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:*","versionEndIncluding":"2.5.10"
,"cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:ignite:1.0.0:rc3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:ignite:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.0","versionEndIncluding":"2.5.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"1273","Ordinal":"116568","Title":"CVE-2018-1273","CVE":"CVE-2018-1273","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"1273","Ordinal":"1","NoteData":"Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding that can lead to a remote code execution attack.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"1273","Ordinal":"2","NoteData":"2018-04-11","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"1273","Ordinal":"3","NoteData":"2018-07-20","Type":"Other","Title":"Modified"}]}}}