Remote Code Execution in Spring MVC on Tomcat Deployments
A remote code execution (RCE) vulnerability exists in Spring MVC and Spring WebFlux applications running on JDK 9 or above. It is reached through data binding. For the known exploit to work, the application must be deployed on Tomcat as a WAR file; a Spring Boot executable jar, which is the default packaging, is safe from that particular exploit. The underlying vulnerability is broad, however, and other ways to exploit it may exist.
Vulnerable Product |
---|
vmware spring framework |
cisco cx cloud agent |
oracle communications cloud native core automated test suite 1.9.0 |
oracle communications cloud native core automated test suite 22.1.0 |
oracle communications cloud native core console 1.9.0 |
oracle communications cloud native core console 22.1.0 |
oracle communications cloud native core network exposure function 22.1.0 |
oracle communications cloud native core network function cloud native environment 1.10.0 |
oracle communications cloud native core network function cloud native environment 22.1.0 |
oracle communications cloud native core network repository function 1.15.0 |
oracle communications cloud native core network repository function 22.1.0 |
oracle communications cloud native core network slice selection function 1.8.0 |
oracle communications cloud native core network slice selection function 1.15.0 |
oracle communications cloud native core network slice selection function 22.1.0 |
oracle communications cloud native core policy 1.15.0 |
oracle communications cloud native core policy 22.1.0 |
oracle communications cloud native core security edge protection proxy 1.7.0 |
oracle communications cloud native core security edge protection proxy 22.1.0 |
oracle communications cloud native core unified data repository 1.15.0 |
oracle communications cloud native core unified data repository 22.1.0 |
oracle communications policy management 12.6.0.0.0 |
oracle financial services analytical applications infrastructure 8.1.1 |
oracle financial services analytical applications infrastructure 8.1.2.0 |
oracle financial services behavior detection platform 8.1.1.0 |
oracle financial services behavior detection platform 8.1.1.1 |
oracle financial services behavior detection platform 8.1.2.0 |
oracle financial services enterprise case management 8.1.1.0 |
oracle financial services enterprise case management 8.1.1.1 |
oracle financial services enterprise case management 8.1.2.0 |
oracle mysql enterprise monitor |
oracle product lifecycle analytics 3.6.1 |
oracle retail xstore point of service 20.0.1 |
oracle retail xstore point of service 21.0.0 |
oracle sd-wan edge 9.0 |
oracle sd-wan edge 9.1 |
siemens operation scheduler |
siemens sipass integrated 2.80 |
siemens sipass integrated 2.85 |
siemens siveillance identity 1.5 |
siemens siveillance identity 1.6 |
veritas access appliance 7.4.3 |
veritas access appliance 7.4.3.100 |
veritas access appliance 7.4.3.200 |
veritas flex appliance 1.3 |
veritas flex appliance 2.0 |
veritas flex appliance 2.0.1 |
veritas flex appliance 2.0.2 |
veritas flex appliance 2.1 |
veritas netbackup flex scale appliance 2.1 |
veritas netbackup flex scale appliance 3.0 |
veritas netbackup appliance 4.0 |
veritas netbackup appliance 4.0.0.1 |
veritas netbackup appliance 4.1 |
veritas netbackup appliance 4.1.0.1 |
veritas netbackup virtual appliance 4.0 |
veritas netbackup virtual appliance 4.0.0.1 |
veritas netbackup virtual appliance 4.1 |
veritas netbackup virtual appliance 4.1.0.1 |
siemens simatic speech assistant for machines |
siemens sinec network management system |
oracle commerce platform 11.3.2 |
oracle communications cloud native core binding support function 22.1.3 |
oracle communications unified inventory management 7.4.1 |
oracle communications unified inventory management 7.4.2 |
oracle communications unified inventory management 7.5.0 |
oracle retail bulk data integration 16.0.3 |
oracle retail customer management and segmentation foundation 17.0 |
oracle retail customer management and segmentation foundation 18.0 |
oracle retail customer management and segmentation foundation 19.0 |
oracle retail financial integration 14.1.3.2 |
oracle retail financial integration 15.0.3.1 |
oracle retail financial integration 16.0.3 |
oracle retail financial integration 19.0.1 |
oracle retail integration bus 14.1.3.2 |
oracle retail integration bus 15.0.3.1 |
oracle retail integration bus 16.0.3 |
oracle retail integration bus 19.0.1 |
oracle retail merchandising system 16.0.3 |
oracle retail merchandising system 19.0.1 |
oracle weblogic server 12.2.1.3.0 |
oracle weblogic server 12.2.1.4.0 |
oracle weblogic server 14.1.1.0.0 |
Spring4Shell: New Zero-day RCE Vulnerability Uncovered in Java Framework (Symantec Threat Intelligence, posted 31 Mar 2022). Symantec products will protect against attempted exploits of Spring4Shell vulnerability. A zero-day vulnerability in the Spring Core Java framework that could allow for unauthenticated remote code execution (RCE) on vulnerable applications was publicly disclosed on March 30, before a patch wa...
IT threat evolution in Q2 2022 (Kaspersky). Targeted attacks: new technique for installing fileless malware. Earlier this year, we discovered a malicious campaign that employed a new technique for installing fileless malware on target machines by injecting a shellcode directly into Windows event logs. The attackers were using this to hide a last-stage Trojan in the file system. The attack starts by driving t...
IT threat evolution in Q2 2022. Non-mobile statistics (Kaspersky). These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly figures: according to Kaspersky Security Network, in Q2 2022, Kaspersky solutions blocked 1,164,544,060 attacks from online resources across the globe. Web Anti-Virus recognized 273,033,368 unique URLs as ma...
IT threat evolution in Q1 2022. Non-mobile statistics (Kaspersky). These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly figures: according to Kaspersky Security Network, in Q1 2022, Kaspersky solutions blocked 1,216,350,437 attacks from online resources across the globe. Web Anti-Virus recognized 313,164,030 unique URLs as ma...
Last week researchers found the critical vulnerability CVE-2022-22965 in Spring, the open source Java framework. Using the vulnerability, an attacker can execute arbitrary code on a remote web server, which makes CVE-2022-22965 a critical threat, given the Spring framework's popularity. By analogy with the infamous Log4Shell threat, the vulnerability was named Spring4Shell. CVE-2022-22965 and CVE-2022-22963: technical details. CVE-2022-22965 (Spring4Shell, SpringShell) is a vulnerability in ...
Trend Micro says vulnerable systems in Singapore have been compromised. There has been a land rush of sorts among threat groups trying to use the vulnerability discovered in the open-source Spring Framework last month, and now researchers at Trend Micro are saying it's being actively exploited to execute the Mirai botnet. The Mirai malware is a long-running threat that has been around since 2016 and is used to pull smaller networked and Internet of Things (IoT) devices such as IP cameras and routers into a botnet that can then be used in such campaigns as distribute...
April bundle addresses 100-plus vulnerabilities including 10 critical RCEs. Microsoft's massive April Patch Tuesday includes one bug that has already been exploited in the wild and a second that has been publicly disclosed. In total, the Redmond giant patched a whopping 128 bugs today, including 10 critical remote code execution (RCE) vulnerabilities. First, though: CVE-2022-24521, which NSA and CrowdStrike security researchers reported to Microsoft, is under active exploitation. It's an elevation-of-privilege vulnerability, and it occurs in the Windows Common Log File ...