
CVE-2022-22965 Report - Details, Severity, & Advisories


Twingate Team

Dec 9, 2023

CVE-2022-22965 is a critical remote code execution (RCE) vulnerability affecting Spring MVC or Spring WebFlux applications running on JDK 9 or higher. With a severity rating of 9.8, this vulnerability can be exploited via data binding and specifically impacts systems deployed on Tomcat as a WAR deployment.

How do I know if I'm affected?

If you're using a Spring MVC or Spring WebFlux application running on JDK 9 or higher, you might be affected by the CVE-2022-22965 vulnerability. This vulnerability can lead to remote code execution (RCE) via data binding, but only if your application is deployed as a WAR on Tomcat. Affected Spring Framework versions include 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older unsupported versions. To check if you're affected, verify your application's deployment method and Spring Framework version.

What should I do if I'm affected?

If you're affected by the CVE-2022-22965 vulnerability, it's crucial to take action to secure your system. To do this, follow these simple steps:

  1. Upgrade to Spring Framework version 5.3.18+ if using version 5.3.x.

  2. Upgrade to Spring Framework version 5.2.20+ if using version 5.2.x.

  3. If you can't upgrade to the fixed versions, follow additional mitigation steps described in the Spring Framework's security advisory.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2022-22965 vulnerability, also known as "Spring Framework JDK 9+ Remote Code Execution Vulnerability," is indeed in CISA's Known Exploited Vulnerabilities Catalog. It was added on April 4, 2022, and has a due date of April 25, 2022. The required action is to apply updates per vendor instructions. In simple terms, this vulnerability affects certain Spring MVC or Spring WebFlux applications running on JDK 9 or higher and deployed on Apache Tomcat as a WAR deployment, allowing attackers to execute remote code. Upgrading to the recommended versions is the primary mitigation step.

Weakness enumeration

The weakness enumeration for this vulnerability is CWE-94 (Improper Control of Generation of Code, "Code Injection"), which here takes the form of remote code execution via data binding in Spring MVC or Spring WebFlux applications running on JDK 9+ and deployed on Tomcat as a WAR.

For more details

Because CVE-2022-22965 poses a significant risk to affected systems, organizations should take the necessary precautions to mitigate this critical security issue. For more information about the CVE-2022-22965 vulnerability, visit the NVD page or the links below.
