National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2018-15758

Change History

Initial Analysis - 11/13/2018 11:30:23 AM

Action Type Old Value New Value
Changed Reference Type
http://www.securityfocus.com/bid/105687 No Types Assigned
http://www.securityfocus.com/bid/105687 Third Party Advisory, VDB Entry
Changed Reference Type
https://pivotal.io/security/cve-2018-15758 No Types Assigned
https://pivotal.io/security/cve-2018-15758 Mitigation, Vendor Advisory
Added CWE
CWE-264
Added CVSS V2
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CVSS V3
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CPE Configuration
OR
     *cpe:2.3:a:pivotal_software:spring_security_oauth:*:*:*:*:*:*:*:* versions up to (including) 1.0.5
     *cpe:2.3:a:pivotal_software:spring_security_oauth:*:*:*:*:*:*:*:* versions from (including) 2.0.0 up to (excluding) 2.0.16
     *cpe:2.3:a:pivotal_software:spring_security_oauth:*:*:*:*:*:*:*:* versions from (including) 2.1.0 up to (excluding) 2.1.3
     *cpe:2.3:a:pivotal_software:spring_security_oauth:*:*:*:*:*:*:*:* versions from (including) 2.2.0 up to (excluding) 2.2.3
     *cpe:2.3:a:pivotal_software:spring_security_oauth:*:*:*:*:*:*:*:* versions from (including) 2.3.0 up to (excluding) 2.3.4