Security for everyone

CVE-2022-22965 Scanner

Detects the remote code execution (RCE) vulnerability in Spring Framework, which affects Spring Framework 5.3.x prior to 5.3.18, 5.2.x prior to 5.2.20, and all older, unsupported versions.


Short Info

Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 sec
Scan only one: Url
Toolbox: -

The Spring Framework is a widely used Java-based application development framework. It provides developers with a comprehensive programming and configuration model for modern Java-based enterprise applications, including web, mobile, and cloud-native applications. The Spring Framework offers a variety of features, including inversion of control, security, data access, transaction management, and more. It is an excellent choice for developers who want to build robust and scalable applications in Java.

However, the Spring Framework has recently been found to be vulnerable to a critical remote code execution (RCE) flaw, tracked as CVE-2022-22965. The vulnerability affects Spring MVC and Spring WebFlux applications running on JDK 9+. The attack is carried out via data binding, and the application must be deployed as a WAR on Tomcat to be vulnerable. An application deployed as a Spring Boot executable jar is not vulnerable to the exploit. Nevertheless, the vulnerability's scope is extensive, and other attack vectors may be possible.
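An added example (not part of the scanner or the original page): a local triage check that inspects a WAR for Spring jars in the affected ranges and applies the JDK 9+ and Tomcat conditions described above. It assumes standard Maven jar naming under WEB-INF/lib; the function names and status labels are illustrative, and the sample WAR is constructed in memory.

```python
import io
import re
import zipfile

# Fixed releases named on this page: 5.3.18 and 5.2.20.
FIXED = {(5, 3): (5, 3, 18), (5, 2): (5, 2, 20)}
# Assumption: jars follow Maven naming, e.g. WEB-INF/lib/spring-beans-5.3.17.jar
JAR_RE = re.compile(
    r"WEB-INF/lib/spring-(beans|webmvc|webflux)-(\d+)\.(\d+)\.(\d+)[^/]*\.jar$")


def spring_version_affected(version):
    """True if (major, minor, patch) falls in the affected range given on the page."""
    fixed = FIXED.get(version[:2])
    if fixed is not None:
        return version < fixed
    # Not a 5.2.x/5.3.x line: older, unsupported lines count as affected.
    return version[:2] < (5, 2)


def java_major(java_version):
    """Parse java.version strings: '1.8.0_312' -> 8, '11.0.14' -> 11, '17' -> 17."""
    parts = re.split(r"[._+-]", java_version)
    first = int(parts[0])
    return int(parts[1]) if first == 1 and len(parts) > 1 else first


def triage_war(war_bytes, java_version, container):
    """Return (status, affected_jars) for one WAR deployment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        for name in war.namelist():
            m = JAR_RE.search(name)
            if m and spring_version_affected(tuple(int(g) for g in m.groups()[1:])):
                findings.append(name)
    if not findings:
        return "not-affected-version", findings
    # Conditions for the reported vector: JDK 9+ and a WAR deployed on Tomcat.
    if java_major(java_version) >= 9 and container.lower() == "tomcat":
        return "exposed", findings
    # Other vectors may be possible, so an affected jar still needs the upgrade.
    return "upgrade-required", findings


def make_war(jar_names):
    """Build a constructed sample WAR in memory (empty placeholder jars)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        for jar in jar_names:
            war.writestr("WEB-INF/lib/" + jar, b"")
    return buf.getvalue()
```

A deployment reported as "upgrade-required" does not meet the JDK 9+ and Tomcat conditions but still carries an affected jar, so it should be upgraded as well.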

When exploited, CVE-2022-22965 can lead to a complete compromise of the vulnerable application's security. An attacker can execute arbitrary code on the targeted system, potentially leading to the theft of sensitive data, system takeovers, or other forms of malicious activity. Remote code execution vulnerabilities are severe and require prompt attention and mitigation to prevent exploitation.

Thanks to the pro features of the securityforeveryone.com platform, you can easily and quickly learn about vulnerabilities in your digital assets. This platform offers comprehensive vulnerability management that enables you to identify, assess, and prioritize vulnerabilities in your equipment. Moreover, you can monitor potential threats and quickly detect and respond to any attack. With securityforeveryone.com, you can rest assured that your digital assets are in good hands.

 
