CVE-2022-22963

Description from NVD

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.

Information Acquisition Date:2022-04-30T16:40Z

CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Parical	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

CVE Infomation

Exploits or more Infomation

JVN ENG JPN

URL	Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...	206
https://cvetrends.com	53
http://cyberiqs.com/latestnews	37
https://piyolog.hatenadiary.jp/entry/2022/04/01/065946	16
https://lists.astaro.com/ASGV9-IPS-rules.html#0	14
https://ift.tt/PM4mXY1	11
https://www.scutum.jp/information/waf_tech_blog/2022/04/waf...	10
https://spring.io/blog/2022/03/29/cve-report-published-for-...	6
https://tanzu.vmware.com/security/cve-2022-22963	6
https://www.fastly.com/blog/spring-has-sprung-breaking-down...	5
https://www.tarlogic.com/blog/spring4shell-vulnerability-cv...	5
https://github.com/dinosn/CVE-2022-22963	4
https://tonernews.com/forums/topic/notice-of-the-potential-...	4
https://www.citrix.com/blogs/2022/04/01/guidance-for-reduci...	4
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-v...	4
http://earmas.ga	3
https://vuldb.com/?ctiid.196070	3
https://sysdig.com/blog/cve-2022-22963-spring-cloud	3
https://opsmtrs.com/3fTgB6p	3
https://twitter.com/bytehx343/status/1509034539330732033	3
https://bugalert.org/content/notices/2022-03-29-spring.html	3
https://threatpost.com/critical-rce-bug-spring-log4shell/17...	3
https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities	3
https://www.greynoise.io/viz/tag/spring-cloud-function-spel...	3
https://www.jpcert.or.jp/newsflash/2022040101.html	3
https://www.kitploit.com/2022/03/cve-2022-22963-poc-spring-...	3
https://securityboulevard.com/2022/03/update-on-0-day-vulne...	3
https://ipssignatures.appspot.com/?cve=CVE-2022-22963	3

URL

Num of Times Referred to

https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...

206

https://cvetrends.com

http://cyberiqs.com/latestnews

https://piyolog.hatenadiary.jp/entry/2022/04/01/065946

https://lists.astaro.com/ASGV9-IPS-rules.html#0

https://ift.tt/PM4mXY1

https://www.scutum.jp/information/waf_tech_blog/2022/04/waf...

https://spring.io/blog/2022/03/29/cve-report-published-for-...

https://tanzu.vmware.com/security/cve-2022-22963

https://www.fastly.com/blog/spring-has-sprung-breaking-down...

https://www.tarlogic.com/blog/spring4shell-vulnerability-cv...

https://github.com/dinosn/CVE-2022-22963

https://tonernews.com/forums/topic/notice-of-the-potential-...

https://www.citrix.com/blogs/2022/04/01/guidance-for-reduci...

https://www.cyberkendra.com/2022/03/springshell-rce-0-day-v...

http://earmas.ga

https://vuldb.com/?ctiid.196070

https://sysdig.com/blog/cve-2022-22963-spring-cloud

https://opsmtrs.com/3fTgB6p

https://twitter.com/bytehx343/status/1509034539330732033

https://bugalert.org/content/notices/2022-03-29-spring.html

https://threatpost.com/critical-rce-bug-spring-log4shell/17...

https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities

https://www.greynoise.io/viz/tag/spring-cloud-function-spel...

https://www.jpcert.or.jp/newsflash/2022040101.html

https://www.kitploit.com/2022/03/cve-2022-22963-poc-spring-...

https://securityboulevard.com/2022/03/update-on-0-day-vulne...

https://ipssignatures.appspot.com/?cve=CVE-2022-22963

User	URL	Info Source	Date
san28704295	https://twitter.com/san28704295/status/1627996819195314178/...	Source san28704295 1627996819195314178	2023/02/21
san28704295	https://twitter.com/san28704295/status/1627998990817202176/...	Source san28704295 1627998990817202176	2023/02/21
SANTOSG78253403	https://www.bleepingcomputer.com/news/security/new-spring-j...	Source SANTOSG78253403 1628317255116197888	2023/02/22
san28704295	https://twitter.com/san28704295/status/1629012836184887303/...	Source san28704295 1629012836184887303	2023/02/24
san28704295	https://twitter.com/san28704295/status/1629013223633723395/...	Source san28704295 1629013223633723395	2023/02/24
buaqbot	https://ift.tt/Nc9tIp7	Source buaqbot 1634871949322080256	2023/03/12
buaqbot	https://ift.tt/m2HFEj6	Source buaqbot 1634871949322080256	2023/03/12
MASAbirokou	https://www.synopsys.com/blogs/software-security/ja-jp/cyrc...	Source MASAbirokou 1635259151487205376	2023/03/13
MASAbirokou	https://twitter.com/MASAbirokou/status/1635250330664574976	Source MASAbirokou 1635259151487205376	2023/03/13
MASAbirokou	https://www.scsk.jp/sp/sysdig/blog/container_security/cve-2...	Source MASAbirokou 1635265337871704065	2023/03/13
Prohacktiv3	https://github.com/lemmyz4n3771/CVE-2022-22963-PoC	Source Prohacktiv3 1635562184917884929	2023/03/14
Prohacktiv3	https://twitter.com/Prohacktiv3/status/1635562184917884929/...	Source Prohacktiv3 1635562184917884929	2023/03/14
decodebytes	https://twitter.com/decodebytes/status/1635972060647247872/...	Source decodebytes 1635972060647247872	2023/03/15
Shyjin_23	https://twitter.com/Shyjin_23/status/1636375605821456390/ph...	Source Shyjin_23 1636375605821456390	2023/03/16
ksg93rd	https://github.com/seifallahhomrani1/CVE-2023-0861-POC	Source ksg93rd 1637328373734313984	2023/03/19
hack_git	https://github.com/J0ey17/CVE-2022-22963_Reverse-Shell-Exploit	Source hack_git 1637473531561639938	2023/03/20
hack_git	https://t.me/hackgit/7949	Source hack_git 1637473531561639938	2023/03/20
hack_git	https://twitter.com/hack_git/status/1637473531561639938/pho...	Source hack_git 1637473531561639938	2023/03/20

List of frequently cited URLs

URL	Num of Times Referred to
alerts.vulmon.com	206
cvetrends.com	53
cyberiqs.com	37
piyolog.hatenadiary.jp	16
lists.astaro.com	14
ift.tt	11
www.scutum.jp	10
spring.io	6
tanzu.vmware.com	6
www.fastly.com	5
www.tarlogic.com	5
github.com	4
tonernews.com	4
www.citrix.com	4
www.cyberkendra.com	4
earmas.ga	3
vuldb.com	3
sysdig.com	3
opsmtrs.com	3
twitter.com	3
bugalert.org	3
threatpost.com	3
www.lunasec.io	3
www.greynoise.io	3
www.jpcert.or.jp	3
www.kitploit.com	3
securityboulevard.com	3
ipssignatures.appspot.com	3

▼ Show Information from Twitter(18)

User	URL	Info Source
san28704295	twitter.com	Show Tweet
san28704295	twitter.com	Show Tweet
SANTOSG78253403	bleepingcomputer.com	Show Tweet
san28704295	twitter.com	Show Tweet
san28704295	twitter.com	Show Tweet
buaqbot	ift.tt	Show Tweet
buaqbot	ift.tt	Show Tweet
MASAbirokou	synopsys.com	Show Tweet
MASAbirokou	twitter.com	Show Tweet
MASAbirokou	scsk.jp	Show Tweet
Prohacktiv3	github.com	Show Tweet
Prohacktiv3	twitter.com	Show Tweet
decodebytes	twitter.com	Show Tweet
Shyjin_23	twitter.com	Show Tweet
ksg93rd	github.com	Show Tweet
hack_git	github.com	Show Tweet
hack_git	t.me	Show Tweet
hack_git	twitter.com	Show Tweet

Name	URL
dinosn/CVE-2022-22963	https://github.com/dinosn/CVE-2022-22963
darryk10/CVE-2022-22963	https://github.com/darryk10/CVE-2022-22963
hktalent/spring-spel-0day-poc	https://github.com/hktalent/spring-spel-0day-poc
jschauma/check-springshell	https://github.com/jschauma/check-springshell
exploitbin/CVE-2022-22963-Spring-Core-RCE	https://github.com/exploitbin/CVE-2022-22963-Spring-Core-RCE
SealPaPaPa/SpringCloudFunction-Research	https://github.com/SealPaPaPa/SpringCloudFunction-Research
k3rwin/spring-cloud-function-rce	https://github.com/k3rwin/spring-cloud-function-rce
AayushmanThapaMagar/CVE-2022-22963	https://github.com/AayushmanThapaMagar/CVE-2022-22963
Anonymous-ghost/AttackWebFrameworkTools-5.0	https://github.com/Anonymous-ghost/AttackWebFrameworkTools-5.0
XuCcc/VulEnv	https://github.com/XuCcc/VulEnv

Name

URL

dinosn/CVE-2022-22963

https://github.com/dinosn/CVE-2022-22963

darryk10/CVE-2022-22963

https://github.com/darryk10/CVE-2022-22963

hktalent/spring-spel-0day-poc

https://github.com/hktalent/spring-spel-0day-poc

jschauma/check-springshell

https://github.com/jschauma/check-springshell

exploitbin/CVE-2022-22963-Spring-Core-RCE

https://github.com/exploitbin/CVE-2022-22963-Spring-Core-RCE

SealPaPaPa/SpringCloudFunction-Research

https://github.com/SealPaPaPa/SpringCloudFunction-Research

k3rwin/spring-cloud-function-rce

https://github.com/k3rwin/spring-cloud-function-rce

AayushmanThapaMagar/CVE-2022-22963

https://github.com/AayushmanThapaMagar/CVE-2022-22963

Anonymous-ghost/AttackWebFrameworkTools-5.0

https://github.com/Anonymous-ghost/AttackWebFrameworkTools-5.0

XuCcc/VulEnv

https://github.com/XuCcc/VulEnv

GitHub Search Results: Up to 10

Name	URL
dinosn/CVE-2022-22963	github.com
darryk10/CVE-2022-22963	github.com
hktalent/spring-spel-0day-poc	github.com
jschauma/check-springshell	github.com
exploitbin/CVE-2022-22963-Spring-Core-RCE	github.com
SealPaPaPa/SpringCloudFunction-Research	github.com
k3rwin/spring-cloud-function-rce	github.com
AayushmanThapaMagar/CVE-2022-22963	github.com
Anonymous-ghost/AttackWebFrameworkTools-5.0	github.com
XuCcc/VulEnv	github.com

2023/04/06 Score : 0
Added Har-sia Database : 2022/03/30
Last Modified : 2023/04/06
Highest Scored Date : 2022/03/31
Highest Score : 239

CVE-2022-22963

Description from NVD

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

Refer to Information on External Sites

▼ Show Information from Twitter(18)

▼ Show Information from Twitter(18)