VMware Spring Cloud Function RCE Vulnerability
Critical flaw found in Spring Cloud Function resulting in Remote Code Execution
In Spring Cloud Function versions 3.2.2, 3.1.6, and older versions, an attacker can supply a specially crafted malicious expression that may result in remote code execution and access to local resources. With a CVSS base score of 9.8 and a publicly available proof of concept, this vulnerability warrants prompt attention.
Common Vulnerabilities and Exposures
Background
Spring Framework is an open-source, lightweight, Java-based application development framework for creating high-performing, easily testable code. Spring Cloud provides developer tools for building distributed systems (e.g. configuration management, service discovery, etc.). In March 2022, another critical vulnerability, CVE-2022-22965, known as "Spring4Shell", also affected the Spring Framework. See the dedicated Outbreak Report for full details: https://www.fortiguard.com/outbreak-alert/spring4shell-vulnerability
Threat Radar Overall Score: 4.6
CVSS Rating | 9.0
FortiRecon Score | 93/100
Known Exploited | Yes
Exploit Prediction Score | 97.54%
FortiGuard Telemetry | 22678
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
March 29, 2022: VMware published a vulnerability report: https://tanzu.vmware.com/security/cve-2022-22963
Dec 20, 2022: FortiGuard Labs continues to see active attack attempts against CVE-2022-22963 and advises users to upgrade to the recommended versions to mitigate the vulnerability.
The FortiGuard telemetry can be viewed at: https://www.fortiguard.com/encyclopedia/ips/51355
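To act on the upgrade advice, the affected range stated above (3.2.2, 3.1.6, and older) can be checked against what is actually deployed. The following is an added example, not code from Fortinet or VMware: it walks a directory and flags Spring Cloud Function libraries, including those bundled inside Spring Boot JAR/WAR archives. It assumes Maven-style file names and reads "older" as every release at or below those two on the 3.1 and 3.2 lines plus everything before 3.1.

```python
import os
import re
import zipfile

# Last affected patch release per release line, as stated on this page.
LAST_AFFECTED = {(3, 1): 6, (3, 2): 2}

# Assumption: libraries are named spring-cloud-function-<module>-<version>.jar,
# optionally with a qualifier such as .RELEASE or -SNAPSHOT.
JAR_RE = re.compile(
    r"(spring-cloud-function-[a-z-]+?)-(\d+)\.(\d+)\.(\d+)(?:[.-][\w.]+)?\.jar$")

def is_affected(major, minor, patch):
    """True if the version falls in the range this page lists as affected."""
    if (major, minor) < (3, 1):      # assumption: all pre-3.1 releases count as "older"
        return True
    last = LAST_AFFECTED.get((major, minor))
    return last is not None and patch <= last

def classify(name):
    """Return (artifact, version, affected) for a library file name, else None."""
    m = JAR_RE.search(name)
    if not m:
        return None
    ver = tuple(int(g) for g in m.group(2, 3, 4))
    return m.group(1), "%d.%d.%d" % ver, is_affected(*ver)

def scan(root):
    """Check loose JARs under root and libraries bundled inside JAR/WAR archives."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            names = [fname]
            if fname.endswith((".jar", ".war")) and zipfile.is_zipfile(full):
                with zipfile.ZipFile(full) as zf:
                    names += zf.namelist()   # e.g. BOOT-INF/lib/*.jar entries
            for name in names:
                hit = classify(name)
                if hit:
                    findings.append((full, name) + hit)
    return findings

if __name__ == "__main__":
    import sys
    for archive, entry, artifact, version, affected in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("AFFECTED" if affected else "ok", artifact, version, archive, entry)
```

File names can be renamed or shaded, so treat a clean result as a first pass and confirm against the build's resolved dependency list.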
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- IPS
- Web App Security
- Application Firewall
- Outbreak Detection
- Threat Hunting
- Automated Response
- Assisted Response Services
- InfoSec Services
- Attack Surface Monitoring (Inside & Outside)
IPS: Detects exploitation of Spring Cloud vulnerability (CVE-2022-22963)
Web App Security: Detects exploitation of Spring Cloud vulnerability (CVE-2022-22963)
Application Firewall: Detects exploitation of Spring Cloud vulnerability (CVE-2022-22963)
Outbreak Detection
Threat Hunting
Automated Response: Services that can automatically respond to this outbreak.
FortiClient Forensics
Assisted Response Services: Experts to assist you with analysis, containment and response activities.
InfoSec Services: Security readiness and awareness training for SOC teams, InfoSec and general employees.
Attack Surface Monitoring (Inside & Outside): Security reconnaissance and penetration testing services, covering both internal & external attack vectors, including those introduced internally via software supply chain.
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.