CVE-2022-22965 Detail

Current Description

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

Severity

   CVSS Version 3.xCVSS Version 2.0

CVSS 3.x Severity and Metrics:

NIST CVSS score

NIST: NVDBase Score:9.8 CRITICALVector:  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also display any CVSS information provided within the CVE List from the CNA.

Note: NVD Analysts have published a CVSS score for this CVE based on publicly available information at the time of analysis. The CNA has not provided a score within the CVE List.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving the NIST webspace. We have provided these links to other websites because they may have information that would interest you. No inferences should be drawn on account of other sites being referenced or not from this page. There may be other websites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products mentioned on these sites. Please address comments about this page to [email protected].

HyperlinkResource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005Third Party Advisory 
https://tanzu.vmware.com/security/cve-2022-22965Mitigation  Vendor Advisory 
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67Third-Party Advisory 

Weakness Enumeration

CWE-IDCWE NameSource
CWE-94Improper Control of Generation of Code (‘Code Injection’)cwe source acceptance level NIST   Reference acceptance level VMware  

Known Affected Software Configurations Switch to CPE 2.2

Configuration 1 ( hide )

  cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*
   Show Matching CPE(s)
From (including)
5.2.0
Up to (excluding)
5.2.20
  cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*
   Show Matching CPE(s)
From (including)
5.3.0
Up to (excluding)
5.3.18

Configuration 2 ( hide )

  cpe:2.3:a:cisco:cx_cloud_agent:*:*:*:*:*:*:*:*
   Show Matching CPE(s)
Up to (excluding)
2.1.0

Source: CVE – CVE-2022-22965 (mitre.org)

Leave a Reply

Your email address will not be published.