If you are like many in the cybersecurity industry, any mention of a zero-day in an open-source software (OSS) library may cause a face-palm or audible groans, especially given the fast-follow from the Log4j vulnerability. While discovery and research are evolving, we're posting the facts we've gathered and updating guidance as new information becomes available.

CVE-2022-22965 was assigned to track the vulnerability on March 31, 2022. The vulnerability affects Spring MVC and Spring WebFlux applications running on JDK 9+. As of March 31, 2022, Spring has confirmed the zero-day vulnerability and has released Spring Framework versions 5.3.18 and 5.2.20 to address it. Our team is continuing to investigate and validate additional information about this vulnerability and its impact. Our team will be updating this blog continually; please see the bottom of the post for updates.

InsightVM and Nexpose customers can scan their environments for vulnerable instances of Spring Framework via authenticated and remote checks. For the most accurate and comprehensive coverage, product version 6.6.136 of Nexpose or InsightVM is recommended.

The remote check (vulnerability ID spring-cve-2022-22965-remote-http) triggers against any discovered HTTP(S) services and attempts to send a payload to common Spring-based web application paths in order to trigger an HTTP 500 response, which indicates a higher probability that the system is exploitable.

The authenticated check (vulnerability ID spring-cve-2022-22965) will run on Unix-like systems and report on vulnerable versions of Spring Framework found within WAR files. The authenticated check is available immediately for Nexpose and InsightVM Scan Engines. Please note: the unzip utility is required to be installed on systems being scanned. For InsightVM customers using the Insight Agent, version 3.1.4.49 of the agent is required to collect the necessary data.
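The authenticated check described above inspects WAR files on disk for Spring Framework jars and compares their versions against the fixed releases (5.3.18 and 5.2.20). The following is an added illustration of that kind of local, file-based check; it is not Rapid7's check and not code from this post. It uses Python's zipfile module rather than the unzip utility the scanner relies on, and it assumes the usual jar naming convention (spring-webmvc-5.3.17.jar, spring-beans-5.2.19.RELEASE.jar) under WEB-INF/lib. The sample WAR it builds is constructed in memory with empty placeholder jars, so it runs offline. Versions older than the 5.2 line are flagged for manual review rather than judged, because the post names only the 5.2 and 5.3 fixed releases.

```python
import io
import os
import re
import sys
import zipfile
from typing import List, Optional, Tuple

# Fixed releases named in the advisory: 5.3.18 and 5.2.20.
FIXED = {(5, 3): (5, 3, 18), (5, 2): (5, 2, 20)}

# Spring Framework artifact names (org.springframework:*) as they appear in jar
# filenames, with an optional qualifier such as ".RELEASE" on the 5.2.x line.
JAR_RE = re.compile(
    r"^(spring-(?:core|beans|context|web|webmvc|webflux))"
    r"-(\d+)\.(\d+)\.(\d+)(?:\.[A-Za-z0-9]+)?\.jar$"
)


def parse_spring_jar(entry: str) -> Optional[Tuple[str, Tuple[int, int, int]]]:
    """Return (artifact, (major, minor, patch)) for a Spring Framework jar path, else None."""
    m = JAR_RE.match(entry.rsplit("/", 1)[-1])
    if not m:
        return None
    version = (int(m.group(2)), int(m.group(3)), int(m.group(4)))
    return m.group(1), version


def classify(version: Tuple[int, int, int]) -> str:
    """'vulnerable' if below the fixed release of its branch, 'fixed' if at/above, 'review' if older."""
    fixed = FIXED.get((version[0], version[1]))
    if fixed is not None:
        return "vulnerable" if version < fixed else "fixed"
    if version < (5, 2, 0):
        return "review"  # branch not covered by the fixed releases named in the post
    return "fixed"       # newer than the 5.3 line, released after the fix


def scan_war(war_bytes: bytes) -> List[Tuple[str, str, str]]:
    """List (entry path, version, status) for every Spring Framework jar inside a WAR."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        for entry in war.namelist():
            parsed = parse_spring_jar(entry)
            if parsed is None:
                continue
            _, version = parsed
            findings.append((entry, ".".join(map(str, version)), classify(version)))
    return findings


def scan_tree(root: str) -> List[Tuple[str, str, str, str]]:
    """Walk a directory, scan every *.war, and return (war path, entry, version, status)."""
    results = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            if not name.lower().endswith(".war"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                for entry, version, status in scan_war(fh.read()):
                    results.append((path, entry, version, status))
    return results


def build_sample_war(jar_names: List[str]) -> bytes:
    """Constructed test input: a WAR whose WEB-INF/lib holds empty placeholder jars."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("WEB-INF/web.xml", "<web-app/>")
        for jar in jar_names:
            z.writestr("WEB-INF/lib/" + jar, b"")  # placeholder, not a real jar
    return buf.getvalue()


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python spring_war_check.py /path/to/webapps
        for row in scan_tree(sys.argv[1]):
            print("%s: %s (%s) -> %s" % row)
    else:
        sample = build_sample_war([
            "spring-webmvc-5.3.17.jar",          # below 5.3.18
            "spring-beans-5.2.20.RELEASE.jar",   # exactly the fixed 5.2 release
            "jackson-databind-2.13.2.jar",       # unrelated, ignored
        ])
        for row in scan_war(sample):
            print("%s (%s) -> %s" % row)
```

Run it with a directory argument to walk a servlet container's webapps tree; with no arguments it scans the constructed sample. A "vulnerable" result is a version match only; whether the application is actually exploitable still depends on the JDK 9+ and deployment conditions the post describes.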
For further information and updates about our internal response to Spring4Shell, please see our post here. Rapid7 has completed remediating the instances of Spring4Shell (CVE-2022-22965) and Spring Cloud (CVE-2022-22963) vulnerabilities that we found on our internet-facing services and systems.