CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8045

In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.03

EPSS Ranking 85.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2017-8045

Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.5.0

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.5.0
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.5.1

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.5.1
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.5.2

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.5.2
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.5.3

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.5.3
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.5.4

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.5.4
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.5.5

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.5.5
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.5.6

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.5.6
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.0

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.0
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.1

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.1
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.10

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.10
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.2

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.2
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.3

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.3
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.4

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.4
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.5

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.5
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.6

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.6
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.7

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.7
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.8

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.8
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.6.9

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.6.9
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.7.0

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.7.0
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.7.1

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.7.1
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.7.2

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.7.2
Pivotal Software » Spring Advanced Message Queuing Protocol » Version: 1.7.3

cpe:2.3:a:pivotal_software:spring_advanced_message_queuing_protocol:1.7.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8045

Products

Pricing

Contact Us