{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38808", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2024-06-19T22:31:57.187Z", "datePublished": "2024-08-20T07:12:44.736Z", "dateUpdated": "2024-10-30T18:41:27.943Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "packageName": "Spring Framework", "product": "Spring Framework", "vendor": "Spring", "versions": [{"lessThan": "5.3.39, 6.0+", "status": "affected", "version": "5.3.0", "versionType": "5.3.396.0"}]}], "datePublic": "2024-08-14T07:08:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.</p><p>Specifically, an application is vulnerable when the following is true:</p><ul><li>The application evaluates user-supplied SpEL expressions.</li></ul><br>"}], "value": "In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\n\nSpecifically, an application is vulnerable when the following is true:\n\n * The application evaluates user-supplied SpEL expressions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2024-08-20T07:12:44.736Z"}, "references": [{"url": "https://spring.io/security/cve-2024-38808"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE-2024-38808: Spring Expression DoS Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-770", "lang": "en", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-20T13:48:27.427803Z", "id": "CVE-2024-38808", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-30T18:41:27.943Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20240920-0002/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-20T16:03:07.732Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20240920-0002/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-20T16:03:07.732Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38808", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-20T13:48:27.427803Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-20T13:48:35.991Z"}}], "cna": {"title": "CVE-2024-38808: Spring Expression DoS Vulnerability", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Spring", "product": "Spring Framework", "versions": [{"status": "affected", "version": "5.3.0", "lessThan": "5.3.39, 6.0+", "versionType": "5.3.396.0"}], "packageName": "Spring Framework", "defaultStatus": "affected"}], "datePublic": "2024-08-14T07:08:00.000Z", "references": [{"url": "https://spring.io/security/cve-2024-38808"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\n\nSpecifically, an application is vulnerable when the following is true:\n\n * The application evaluates user-supplied SpEL expressions.", "supportingMedia": [{"type": "text/html", "value": "<p>In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.</p><p>Specifically, an application is vulnerable when the following is true:</p><ul><li>The application evaluates user-supplied SpEL expressions.</li></ul><br>", "base64": false}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2024-08-20T07:12:44.736Z"}}}, "cveMetadata": {"cveId": "CVE-2024-38808", "state": "PUBLISHED", "dateUpdated": "2024-10-30T18:41:27.943Z", "dateReserved": "2024-06-19T22:31:57.187Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2024-08-20T07:12:44.736Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\n\nSpecifically, an application is vulnerable when the following is true:\n\n * The application evaluates user-supplied SpEL expressions."}, {"lang": "es", "value": "En las versiones de Spring Framework 5.3.0 - 5.3.38 y versiones anteriores no compatibles, es posible que un usuario proporcione una expresi\u00f3n Spring Expression Language (SpEL) especialmente manipulada que puede causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Espec\u00edficamente, una aplicaci\u00f3n es vulnerable cuando se cumple lo siguiente: * La aplicaci\u00f3n eval\u00faa expresiones SpEL proporcionadas por el usuario."}], "id": "CVE-2024-38808", "lastModified": "2024-11-21T09:26:50.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2024-08-20T08:15:05.023", "references": [{"source": "security@vmware.com", "url": "https://spring.io/security/cve-2024-38808"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20240920-0002/"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8886", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-0:2.462.3.1730119132-3.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8886", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-2-plugins-0:4.12.1730119231-1.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8887", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-0:2.462.3.1729839924-3.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8887", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-2-plugins-0:4.13.1729840148-1.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8885", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-0:2.462.3.1729839727-3.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8885", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-2-plugins-0:4.14.1729839844-1.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8884", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-0:2.462.3.1729837947-3.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8884", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-2-plugins-0:4.15.1729838165-1.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:6508", "cpe": "cpe:/a:redhat:apache_camel_spring_boot:4.4.2", "package": "org.springframework/spring-expression", "product_name": "Red Hat build of Apache Camel 4.4.2 for Spring Boot", "release_date": "2024-09-09T00:00:00Z"}], "bugzilla": {"description": "spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression", "id": "2305959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305959"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\nSpecifically, an application is vulnerable when the following is true:\n* The application evaluates user-supplied SpEL expressions.", "A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language (SePL) may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, one application has to evaluate user-supplied SpEL expressions."], "name": "CVE-2024-38808", "package_state": [{"cpe": "cpe:/a:redhat:amq_clients:2023", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "AMQ Clients"}, {"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat AMQ Broker 7"}, {"cpe": "cpe:/a:redhat:camel_quarkus:3", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat build of Apache Camel for Quarkus"}, {"cpe": "cpe:/a:redhat:camel_spring_boot:3", "fix_state": "Out of support scope", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat build of Apache Camel for Spring Boot 3"}, {"cpe": "cpe:/a:redhat:rhboac_hawtio:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat build of Apache Camel - HawtIO"}, {"cpe": "cpe:/a:redhat:build_keycloak:", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat Build of Keycloak"}, {"cpe": "cpe:/a:redhat:optaplanner:::el6", "fix_state": "Will not fix", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat build of OptaPlanner 8"}, {"cpe": "cpe:/a:redhat:quarkus:3", "fix_state": "Fix deferred", "impact": "low", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat build of Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Fix deferred", "impact": "low", "package_name": "org.apache.servicemix.bundles/org.apache.servicemix.bundles.spring-expression", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Fix deferred", "impact": "low", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "org.apache.servicemix.bundles/org.apache.servicemix.bundles.spring-expression", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "org.apache.servicemix.bundles/org.apache.servicemix.bundles.spring-expression", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "org.apache.servicemix.bundles/org.apache.servicemix.bundles.spring-expression", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "org.apache.servicemix.bundles/org.apache.servicemix.bundles.spring-expression", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Will not fix", "package_name": "jenkins", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Fix deferred", "impact": "low", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "org.springframework/spring-expression", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Under investigation", "package_name": "ovirt-dependencies", "product_name": "Red Hat Virtualization 4"}], "public_date": "2024-08-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-38808\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-38808\nhttps://spring.io/security/cve-2024-38808"], "threat_severity": "Moderate"}