CVE-2022-22965

Description from NVD

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

URL	Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...	213
https://thehackernews	167
https://cvetrends.com	54
http://twinybots.ch	43
https://lists.astaro.com/ASGV9-IPS-rules.html#0	17
http://cyberiqs.com/latestnews	11
https://security.sios.com/vulnerability/spring4shell-vulner...	11
https://ift.tt/OEkRX9j	10
http://t.me/gobies	9
http://patrowl.io	9
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-v...	8
https://thehackernews.com/2022/03/security-patch-releases-f...	7
https://security.srad.jp/story/22/04/04/1617223	6
https://b.hatena.ne.jp/entry/s/piyolog.hatenadiary.jp/entry...	5
https://www.fastly.com/blog/spring-has-sprung-breaking-down...	5
https://www.vmware.com/security/advisories/VMSA-2022-0010.html	5
https://www.tarlogic.com/blog/spring4shell-vulnerability-cv...	5
https://securityboulevard.com/2022/04/spring4shell-zero-day...	5
https://github.com/BobTheShoplifter/Spring4Shell-POC	4
https://nekotosec.com/validate-spring4shell	4
https://tonernews.com/forums/topic/notice-of-the-potential-...	4
https://www.citrix.com/blogs/2022/04/01/guidance-for-reduci...	4
https://www.netspi.com/blog/executive/application-security/...	4
http://www.kitploit.com/2022/05/spring4shell-poc-dockerized...	4
https://www.traceable.ai/blog-post/spring4shell-vulnerabili...	4
https://mvnrepository.com/artifact/org.springframework.boot...	4
https://dev.classmethod.jp/articles/springboot-spring4shell	4
https://research.splunk.com	4
https://piyolog.hatenadiary.jp/entry/2022/04/01/065946	4
https://www.helpnetsecurity.com/2022/04/01/cve-2022-22965	4
https://bit.ly/3JYNgnY	3
https://pos.li/2kyqjf	3
https://buff.ly/3KpZXbW	3
https://spring.io/blog/2022	3
https://sysdig.com/blog/cve-2022-22965-spring-core-spring4s...	3
https://opsmtrs.com/3fTgB6p	3
https://twitter.com/piyokango/status/1509651714944606210	3
https://www.scsk.jp/sp/sysdig/blog/container_security/sprin...	3
https://isc.sans.edu/forums/diary/28504	3
https://www.cisa.gov/known-exploited-vulnerabilities-catalog	3
http://Betterscan.io	3
https://tryhackme.com/room/spring4shell	3
https://www.scutum.jp/information/waf_tech_blog/2022/04/waf...	3
https://securelist.com/spring4shell-cve-2022-22965/106239	3
https://www.jenkins.io/blog/2022/03/31/spring-rce-CVE-2022-...	3
https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities	3
https://www.rapid7.com/blog/post/2022/03/30/spring4shell-ze...	3
https://www.reddit.com/r/netsec/comments/ty1u2b/spring_fram...	3
https://dso.atomist.com/cve/CVE-2022-22965	3
https://www.tenable.com/blog/spring4shell-faq-spring-framew...	3
http://SecurityWeek.Com	3
https://tanzu.vmware.com/security/cve-2022-22965	3
http://www.cliptags.net/Rd?u=https://piyolog.hatenadiary.jp...	3
https://www.greynoise.io/viz/tag/spring-cloud-function-spel...	3
https://www.jpcert.or.jp/newsflash/2022040101.html	3
https://www.veracode.com/blog/security-news/spring-framewor...	3
https://www.microsoft.com/security/blog/2022/04/04/springsh...	3
https://www.secuavail.com/kb/log-technique/springframework-...	3
https://networks.unify.com/security/advisories/OBSO-2204-01...	3
https://otx.alienvault.com/pulse/625552517551031b5f67f851	3
https://www.trendmicro.com/en_us/research/22/d/cve-2022-229...	3
https://fidelissecurity.com/threatgeek/archive/spring-ahead...	3
https://community.tanium.com/s/article/How-Tanium-can-help-...	3
https://www.securityweek.com/spring4shell-exploitation-atte...	3
https://blog.trendmicro.co.jp/archives/31044	3
https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf	3
https://msrc-blog.microsoft.com/2022/04/05/microsofts-respo...	3
https://research.trendmicro.com/3rkGlOH	3
https://ipssignatures.appspot.com/?cve=CVE-2022-22965	3
https://unit42.paloaltonetworks.jp/cve-2022-22965-springshell	3
https://unit42.paloaltonetworks.com/cve-2022-22965-springshell	3

User	URL	Info Source	Date
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1624815748349657092	2023/02/13
WolfgangSesin	https://www.sesin.at/2023/02/12/cve-2022-22965-access_appli...	Source WolfgangSesin 1624815748349657092	2023/02/13
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1624815750782361606	2023/02/13
www_sesin_at	https://www.sesin.at/2023/02/12/cve-2022-22965-access_appli...	Source www_sesin_at 1624815750782361606	2023/02/13
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1625242533407125509	2023/02/14
WolfgangSesin	https://www.sesin.at/2023/02/13/cve-2022-22965-spring-frame...	Source WolfgangSesin 1625242533407125509	2023/02/14
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1625242535634300930	2023/02/14
www_sesin_at	https://www.sesin.at/2023/02/13/cve-2022-22965-spring-frame...	Source www_sesin_at 1625242535634300930	2023/02/14
buaqbot	https://ift.tt/y3G6zpc	Source buaqbot 1640985012697694209	2023/03/29
buaqbot	https://ift.tt/1qgYABL	Source buaqbot 1640985012697694209	2023/03/29
buaqbot	https://ift.tt/j4qKS0n	Source buaqbot 1641634978273296384	2023/03/31
buaqbot	https://ift.tt/q1jydOT	Source buaqbot 1641634978273296384	2023/03/31
TrendMicroES	https://bit.ly/3M0II4v	Source TrendMicroES 1641681736101777410	2023/03/31
TrendMicroES	https://twitter.com/TrendMicroES/status/1641681736101777410...	Source TrendMicroES 1641681736101777410	2023/03/31

URL	Num of Times Referred to
alerts.vulmon.com	213
thehackernews	167
cvetrends.com	54
twinybots.ch	43
lists.astaro.com	17
cyberiqs.com	11
security.sios.com	11
ift.tt	10
t.me	9
patrowl.io	9
www.cyberkendra.com	8
thehackernews.com	7
security.srad.jp	6
b.hatena.ne.jp	5
www.fastly.com	5
www.vmware.com	5
www.tarlogic.com	5
securityboulevard.com	5
github.com	4
nekotosec.com	4
tonernews.com	4
www.citrix.com	4
www.netspi.com	4
www.kitploit.com	4
www.traceable.ai	4
mvnrepository.com	4
dev.classmethod.jp	4
research.splunk.com	4
piyolog.hatenadiary.jp	4
www.helpnetsecurity.com	4
bit.ly	3
pos.li	3
buff.ly	3
spring.io	3
sysdig.com	3
opsmtrs.com	3
twitter.com	3
www.scsk.jp	3
isc.sans.edu	3
www.cisa.gov	3
Betterscan.io	3
tryhackme.com	3
www.scutum.jp	3
securelist.com	3
www.jenkins.io	3
www.lunasec.io	3
www.rapid7.com	3
www.reddit.com	3
dso.atomist.com	3
www.tenable.com	3
SecurityWeek.Com	3
tanzu.vmware.com	3
www.cliptags.net	3
www.greynoise.io	3
www.jpcert.or.jp	3
www.veracode.com	3
www.microsoft.com	3
www.secuavail.com	3
networks.unify.com	3
otx.alienvault.com	3
www.trendmicro.com	3
fidelissecurity.com	3
community.tanium.com	3
www.securityweek.com	3
blog.trendmicro.co.jp	3
cert-portal.siemens.com	3
msrc-blog.microsoft.com	3
research.trendmicro.com	3
ipssignatures.appspot.com	3
unit42.paloaltonetworks.jp	3
unit42.paloaltonetworks.com	3

User	URL	Info Source
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
buaqbot	ift.tt	Show Tweet
buaqbot	ift.tt	Show Tweet
buaqbot	ift.tt	Show Tweet
buaqbot	ift.tt	Show Tweet
TrendMicroES	bit.ly	Show Tweet
TrendMicroES	twitter.com	Show Tweet

Name	URL
reznok/Spring4Shell-POC	https://github.com/reznok/Spring4Shell-POC
TheGejr/SpringShell	https://github.com/TheGejr/SpringShell
BobTheShoplifter/Spring4Shell-POC	https://github.com/BobTheShoplifter/Spring4Shell-POC
alt3kx/CVE-2022-22965	https://github.com/alt3kx/CVE-2022-22965
Mr-xn/spring-core-rce	https://github.com/Mr-xn/spring-core-rce
Kirill89/CVE-2022-22965-PoC	https://github.com/Kirill89/CVE-2022-22965-PoC
DDuarte/springshell-rce-poc	https://github.com/DDuarte/springshell-rce-poc
4nth0ny1130/spring4shell_behinder	https://github.com/4nth0ny1130/spring4shell_behinder
tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce	https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce
light-Life/CVE-2022-22965-GUItools	https://github.com/light-Life/CVE-2022-22965-GUItools

CVE-2022-22965

Description from NVD

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

Refer to Information on External Sites

▼ Show Information from Twitter(14)

▼ Show Information from Twitter(14)