CVE-2022-22965

Description from NVD

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

Information Acquisition Date:2022-08-14T14:48Z
CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://tanzu.vmware.com/security/cve-2022-22965
     source:MISC
     tags:Mitigation    Vendor Advisory    
 20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022
     source:CISCO
     tags:Third Party Advisory    
 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
     source:CONFIRM
     tags:Third Party Advisory    
 http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    
 https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf
     source:CONFIRM
     tags:Third Party Advisory    
 https://www.oracle.com/security-alerts/cpuapr2022.html
     source:MISC
     tags:Third Party Advisory    
 http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html
     source:MISC
     tags:Third Party Advisory    VDB Entry    
 N/A
     source:N/A
     tags:

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: BIG-IP(2 tweets) Chrome(2 tweets) Java(1 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...213
https://thehackernews167
https://cvetrends.com54
http://twinybots.ch43
https://lists.astaro.com/ASGV9-IPS-rules.html#017
http://cyberiqs.com/latestnews11
https://security.sios.com/vulnerability/spring4shell-vulner...11
https://ift.tt/OEkRX9j10
http://t.me/gobies9
http://patrowl.io9
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-v...8
https://thehackernews.com/2022/03/security-patch-releases-f...7
https://security.srad.jp/story/22/04/04/16172236
https://b.hatena.ne.jp/entry/s/piyolog.hatenadiary.jp/entry...5
https://www.fastly.com/blog/spring-has-sprung-breaking-down...5
https://www.vmware.com/security/advisories/VMSA-2022-0010.html5
https://www.tarlogic.com/blog/spring4shell-vulnerability-cv...5
https://securityboulevard.com/2022/04/spring4shell-zero-day...5
https://github.com/BobTheShoplifter/Spring4Shell-POC4
https://nekotosec.com/validate-spring4shell4
https://tonernews.com/forums/topic/notice-of-the-potential-...4
https://www.citrix.com/blogs/2022/04/01/guidance-for-reduci...4
https://www.netspi.com/blog/executive/application-security/...4
http://www.kitploit.com/2022/05/spring4shell-poc-dockerized...4
https://www.traceable.ai/blog-post/spring4shell-vulnerabili...4
https://mvnrepository.com/artifact/org.springframework.boot...4
https://dev.classmethod.jp/articles/springboot-spring4shell4
https://research.splunk.com4
https://piyolog.hatenadiary.jp/entry/2022/04/01/0659464
https://www.helpnetsecurity.com/2022/04/01/cve-2022-229654
https://bit.ly/3JYNgnY3
https://pos.li/2kyqjf3
https://buff.ly/3KpZXbW3
https://spring.io/blog/20223
https://sysdig.com/blog/cve-2022-22965-spring-core-spring4s...3
https://opsmtrs.com/3fTgB6p3
https://twitter.com/piyokango/status/15096517149446062103
https://www.scsk.jp/sp/sysdig/blog/container_security/sprin...3
https://isc.sans.edu/forums/diary/285043
https://www.cisa.gov/known-exploited-vulnerabilities-catalog3
http://Betterscan.io3
https://tryhackme.com/room/spring4shell3
https://www.scutum.jp/information/waf_tech_blog/2022/04/waf...3
https://securelist.com/spring4shell-cve-2022-22965/1062393
https://www.jenkins.io/blog/2022/03/31/spring-rce-CVE-2022-...3
https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities3
https://www.rapid7.com/blog/post/2022/03/30/spring4shell-ze...3
https://www.reddit.com/r/netsec/comments/ty1u2b/spring_fram...3
https://dso.atomist.com/cve/CVE-2022-229653
https://www.tenable.com/blog/spring4shell-faq-spring-framew...3
http://SecurityWeek.Com3
https://tanzu.vmware.com/security/cve-2022-229653
http://www.cliptags.net/Rd?u=https://piyolog.hatenadiary.jp...3
https://www.greynoise.io/viz/tag/spring-cloud-function-spel...3
https://www.jpcert.or.jp/newsflash/2022040101.html3
https://www.veracode.com/blog/security-news/spring-framewor...3
https://www.microsoft.com/security/blog/2022/04/04/springsh...3
https://www.secuavail.com/kb/log-technique/springframework-...3
https://networks.unify.com/security/advisories/OBSO-2204-01...3
https://otx.alienvault.com/pulse/625552517551031b5f67f8513
https://www.trendmicro.com/en_us/research/22/d/cve-2022-229...3
https://fidelissecurity.com/threatgeek/archive/spring-ahead...3
https://community.tanium.com/s/article/How-Tanium-can-help-...3
https://www.securityweek.com/spring4shell-exploitation-atte...3
https://blog.trendmicro.co.jp/archives/310443
https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf3
https://msrc-blog.microsoft.com/2022/04/05/microsofts-respo...3
https://research.trendmicro.com/3rkGlOH3
https://ipssignatures.appspot.com/?cve=CVE-2022-229653
https://unit42.paloaltonetworks.jp/cve-2022-22965-springshell3
https://unit42.paloaltonetworks.com/cve-2022-22965-springshell3

Information from Twitter

User URL Info Source Date
0xChevalier https://tryhackme.com/room/spring4shell Source 0xChevalier      1596300915837145088 2022/11/26
hackplayers https://blog.pentesteracademy.com/lab-walkthrough-exploitin... Source hackplayers      1596587272933371904 2022/11/27
n0ipr0cs https://twitter.com/n0ipr0cs/status/1597571635292536832/pho... Source n0ipr0cs         1597571635292536832 2022/11/29
NandanLohitaksh http://4.Google Source NandanLohitaksh 1599495693563203585 2022/12/05
Prohacktiv3 https://github.com/devengpk/CVE-2022-22965 Source Prohacktiv3      1602577992508735488 2022/12/13
Prohacktiv3 https://github.com/v0lp3/CVE-2022-39066 Source Prohacktiv3      1602577992508735488 2022/12/13
Prohacktiv3 https://twitter.com/Prohacktiv3/status/1602577992508735488/... Source Prohacktiv3      1602577992508735488 2022/12/13
TrustedSec https://www.trustedsec.com/blog/cve-2022-22965-spring4shell... Source TrustedSec       1604871467262435331 2022/12/20

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com213
thehackernews167
cvetrends.com54
twinybots.ch43
lists.astaro.com17
cyberiqs.com11
security.sios.com11
ift.tt10
t.me9
patrowl.io9
www.cyberkendra.com8
thehackernews.com7
security.srad.jp6
b.hatena.ne.jp5
www.fastly.com5
www.vmware.com5
www.tarlogic.com5
securityboulevard.com5
github.com4
nekotosec.com4
tonernews.com4
www.citrix.com4
www.netspi.com4
www.kitploit.com4
www.traceable.ai4
mvnrepository.com4
dev.classmethod.jp4
research.splunk.com4
piyolog.hatenadiary.jp4
www.helpnetsecurity.com4
bit.ly3
pos.li3
buff.ly3
spring.io3
sysdig.com3
opsmtrs.com3
twitter.com3
www.scsk.jp3
isc.sans.edu3
www.cisa.gov3
Betterscan.io3
tryhackme.com3
www.scutum.jp3
securelist.com3
www.jenkins.io3
www.lunasec.io3
www.rapid7.com3
www.reddit.com3
dso.atomist.com3
www.tenable.com3
SecurityWeek.Com3
tanzu.vmware.com3
www.cliptags.net3
www.greynoise.io3
www.jpcert.or.jp3
www.veracode.com3
www.microsoft.com3
www.secuavail.com3
networks.unify.com3
otx.alienvault.com3
www.trendmicro.com3
fidelissecurity.com3
community.tanium.com3
www.securityweek.com3
blog.trendmicro.co.jp3
cert-portal.siemens.com3
msrc-blog.microsoft.com3
research.trendmicro.com3
ipssignatures.appspot.com3
unit42.paloaltonetworks.jp3
unit42.paloaltonetworks.com3

Information from Twitter

User URL Info Source
0xChevalier tryhackme.com Show Tweet
hackplayers blog.pentesteracademy.com Show Tweet
n0ipr0cs twitter.com Show Tweet
NandanLohitaksh 4.Google Show Tweet
Prohacktiv3 github.com Show Tweet
Prohacktiv3 github.com Show Tweet
Prohacktiv3 twitter.com Show Tweet
TrustedSec trustedsec.com Show Tweet
GitHub Search Results: Up to 10
NameURL
reznok/Spring4Shell-POC https://github.com/reznok/Spring4Shell-POC
TheGejr/SpringShell https://github.com/TheGejr/SpringShell
BobTheShoplifter/Spring4Shell-POC https://github.com/BobTheShoplifter/Spring4Shell-POC
alt3kx/CVE-2022-22965 https://github.com/alt3kx/CVE-2022-22965
Mr-xn/spring-core-rce https://github.com/Mr-xn/spring-core-rce
Kirill89/CVE-2022-22965-PoC https://github.com/Kirill89/CVE-2022-22965-PoC
DDuarte/springshell-rce-poc https://github.com/DDuarte/springshell-rce-poc
4nth0ny1130/spring4shell_behinder https://github.com/4nth0ny1130/spring4shell_behinder
tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce
light-Life/CVE-2022-22965-GUItools https://github.com/light-Life/CVE-2022-22965-GUItools
GitHub Search Results: Up to 10
NameURL
reznok/Spring4Shell-POC github.com
TheGejr/SpringShell github.com
BobTheShoplifter/Spring4Shell-POC github.com
alt3kx/CVE-2022-22965 github.com
Mr-xn/spring-core-rce github.com
Kirill89/CVE-2022-22965-PoC github.com
DDuarte/springshell-rce-poc github.com
4nth0ny1130/spring4shell_behinder github.com
tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce github.com
light-Life/CVE-2022-22965-GUItools github.com
2023/01/04 Score : 0
Added Har-sia Database : 2022/03/31
Last Modified : 2023/01/04
Highest Scored Date : 2022/04/01
Highest Score : 468