CVE-2022-22965
Description
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
94.428
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Spring4Shell Vulnerability (CVE-2022-22965) | Windows |
| Multiple vulnerabilities are affected in Oracle WebLogic Server 12.2.1.3.0 | Windows |
| Multiple vulnerabilities are affected in Oracle WebLogic Server 12.2.1.4.0 | Windows |
| Multiple vulnerabilities are affected in Oracle WebLogic Server 14.1.1.0.0 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webmvc 5.3.18 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webmvc 5.2.20 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webflux 5.3.18 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webflux 5.2.20 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in spring-beans 5.3.18 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in spring-beans 5.2.20 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-web 2.5.12 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-web 2.6.6 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-webflux 2.5.12 | Windows |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-webflux 2.6.6 | Windows |
| Multiple vulnerabilities are affected in Oracle Commerce Platform 11.3.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.3.0.7 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.4.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.4.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.4.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.0.3.6 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.1.0.5 | Windows |
| Modular Java/J2EE application framework (USN-7165-1) libspring-aop-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-beans-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-context-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-context-support-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-core-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-expression-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-instrument-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-jdbc-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-jms-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-messaging-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-orm-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-oxm-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-transaction-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-web-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-web-portlet-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Modular Java/J2EE application framework (USN-7165-1) libspring-web-servlet-java_4.3.30-2ubuntu0.24.10.1_all.deb | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webmvc for Linux 5.3.18 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webmvc for Linux 5.2.20 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webflux for Linux 5.3.18 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-webflux for Linux 5.2.20 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in spring-beans for Linux 5.3.18 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in spring-beans for Linux 5.2.20 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-web for Linux 2.5.12 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-web for Linux 2.6.6 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-webflux for Linux 2.5.12 | Linux |
| Vulnerabilities CVE-2022-22965 are fixed in Spring-boot-starter-webflux for Linux 2.6.6 | Linux |
| Improper Control of Generation of Code (Code Injection) Vulnerability (CVE-2022-22965) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234