CVE-2011-2730
Description
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka "Expression Language Injection."
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| org.springframework:spring-core | Maven | >= 3.0.0, < 3.0.6 | 3.0.6 |
| org.springframework:spring-core | Maven | < 2.5.6.SEC03 | 2.5.6.SEC03 |
| org.springframework:spring-core | Maven | >= 2.5.7.SR0, < 2.5.7.SR023 | 2.5.7.SR023 |
Affected products
- cpe:2.3:a:springsource:spring_framework:*:*:*:*:*:*:*:* (range: <= 2.5.7_sr01)
- cpe:2.3:a:springsource:spring_framework:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:2.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:springsource:spring_framework:3.0.4:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
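The description boils down to one ordering bug: in a Servlet 2.4+ container the JSP engine already evaluates `${...}` in a tag attribute, and the affected Spring tags then ran their own EL evaluation over the result. If a page author writes something like `<spring:message text="${param.msg}"/>`, the first pass turns the attribute into whatever the request carried, and the second pass evaluates that string as EL, so a request with `msg=${applicationScope}` (or a dotted path into any scope) reads server-side state back to the client. The following Python block is an added simulation written for this page, not code from the Spring project: it models an EL resolver over a constructed set of scopes (the `dbPassword` attribute and the `param.msg` value are made up) and shows the two-pass result beside the single-pass result that the upstream fix restores when the container handles EL itself.

```python
"""Simulation of the double EL evaluation behind CVE-2011-2730.

A minimal ${...} resolver stands in for the container's EL engine.
render_vulnerable() applies it twice, as the affected spring:* tags
effectively did; render_fixed() applies it once.
"""
import re

# Matches one EL expression such as ${param.msg}; nested braces are not
# needed for this demonstration.
EL = re.compile(r"\$\{([^}]*)\}")


def resolve(expr, scopes):
    """Resolve a dotted path ('param.msg', 'applicationScope.dbPassword')
    against a dict of scopes. Unknown paths resolve to '' (EL treats null
    as empty output)."""
    node = scopes
    for part in expr.strip().split("."):
        if isinstance(node, dict) and part in node:
            node = node[part]
        else:
            return ""
    return str(node)


def evaluate_once(template, scopes):
    """One EL pass over a tag attribute: what the JSP container does."""
    return EL.sub(lambda m: resolve(m.group(1), scopes), template)


def render_vulnerable(attribute, scopes):
    """Pre-fix behaviour: the container evaluates the attribute, then the
    Spring tag evaluates the already-resolved value a second time."""
    first_pass = evaluate_once(attribute, scopes)
    return evaluate_once(first_pass, scopes)


def render_fixed(attribute, scopes):
    """Post-fix behaviour: a single evaluation, so request input that
    looks like EL is emitted as a literal string instead of being run."""
    return evaluate_once(attribute, scopes)


# Constructed request/application state for the example (not real data).
SCOPES = {
    # attacker-controlled query parameter: ?msg=${applicationScope.dbPassword}
    "param": {"msg": "${applicationScope.dbPassword}"},
    # server-side state that should never reach the response
    "applicationScope": {"dbPassword": "s3cr3t-db-pw"},
}

# What the page author wrote: <spring:message text="${param.msg}"/>
TAG_ATTRIBUTE = "${param.msg}"


def whole_scope_leak(scopes):
    """Variant where the attacker asks for a whole scope object; the second
    pass stringifies it, dumping every attribute in one response."""
    hostile = dict(scopes)
    hostile["param"] = {"msg": "${applicationScope}"}
    return render_vulnerable(TAG_ATTRIBUTE, hostile)


if __name__ == "__main__":
    print("vulnerable:", render_vulnerable(TAG_ATTRIBUTE, SCOPES))
    print("fixed:     ", render_fixed(TAG_ATTRIBUTE, SCOPES))
    print("scope dump:", whole_scope_leak(SCOPES))
```

Two points a practitioner should take from this: the attacker never needs EL to be enabled for request parameters directly, only a tag attribute that is bound to request data, and the fix is not to sanitise the parameter but to remove the second evaluation. Assumed from memory rather than from this page: the fixed Spring versions expose a `springJspExpressionSupport` servlet context parameter that governs whether Spring performs its own evaluation, so verify its value during the upgrade rather than relying on the version number alone.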
References
- support.springsource.com/security/cve-2011-2730 (vendor advisory)
- github.com/advisories/GHSA-wv88-pf73-x22p (GHSA)
- nvd.nist.gov/vuln/detail/CVE-2011-2730 (NVD)
- bugs.debian.org/cgi-bin/bugreport.cgi
- rhn.redhat.com/errata/RHSA-2013-0191.html
- rhn.redhat.com/errata/RHSA-2013-0192.html
- rhn.redhat.com/errata/RHSA-2013-0193.html
- rhn.redhat.com/errata/RHSA-2013-0194.html
- rhn.redhat.com/errata/RHSA-2013-0195.html
- rhn.redhat.com/errata/RHSA-2013-0196.html
- rhn.redhat.com/errata/RHSA-2013-0197.html
- rhn.redhat.com/errata/RHSA-2013-0198.html
- rhn.redhat.com/errata/RHSA-2013-0221.html
- rhn.redhat.com/errata/RHSA-2013-0533.html
- www.debian.org/security/2012/dsa-2504
- www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- docs.google.com/document/d/1dc1xxO8UMFaGLOwgkykYdghGWm_2Gn0iCrxFsympqcE/edit
- github.com/spring-projects/spring-framework/commit/62ccc8dd7e645fb91705d44919abac838cb5ca3f (fix commit)
- github.com/spring-projects/spring-framework/commit/9772eb8410e37cd0bdec0d1b133218446c778beb (fix commit)
- github.com/spring-projects/spring-framework/commit/b8d86330d1fadc645630416c3aaebf131bf749fc (fix commit)
- secunia.com/advisories/51984
- secunia.com/advisories/52054
- secunia.com/advisories/55155
- www.securitytracker.com/id/1029151