CVE-2018-1273

CRITICAL
KEV
Ransomware

VMware Tanzu Spring Data Commons Property Binder Vulnerability

Details

CVSS v3: 9.8
CVSS v2: 7.5
NVD published: 2018-04-11 13:29:00
CISA date: 2022-03-25
EPSS: 94.3% probability · 99.9th percentile — 2026-04-08
Affected versions: cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:spring_data_commons:*:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:* cpe:2.3:a:pivotal_software:spring_data_rest:*:*:*:*:*:*:*:* cpe:2.3:a:apache:ignite:*:*:*:*:*:*:*:* cpe:2.3:a:apache:ignite:1.0.0:-:*:*:*:*:*:* cpe:2.3:a:apache:ignite:1.0.0:rc3:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*
Summary: Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.
Remediation: Apply updates per vendor instructions.
Exploit info: No exploit-tagged NVD references in our cache; see the CISA KEV link below.

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.