CVE-2022-22963


Basic Information

CVE State: PUBLISHED
Reserved Date: January 10, 2022
Published Date: April 01, 2022
Last Updated: January 29, 2025
Vendor: n/a
Product: Spring Cloud Function
Description: In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-08-25 00:00:00 UTC)
Proof of Concept Available: Yes (added 2023-04-17 13:54:06 UTC)

Known Exploited Vulnerability Information

Source: CISA
Added Date: 2022-08-25 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

spring_cloud_function_spel_injection

Type: metasploit • Created: Unknown

Metasploit module for CVE-2022-22963

randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE

Type: github • Created: 2023-04-17 13:54:06 UTC • Stars: 4

J0ey17/CVE-2022-22963_Reverse-Shell-Exploit

Type: github • Created: 2023-03-18 11:43:00 UTC • Stars: 22

CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This Python script will verify if the vulnerability exists, and if it does, will give you a reverse shell.

lemmyz4n3771/CVE-2022-22963-PoC

Type: github • Created: 2023-03-13 13:28:55 UTC • Stars: 4

CVE-2022-22963 RCE PoC in Python

charis3306/CVE-2022-22963

Type: github • Created: 2023-03-07 15:57:29 UTC • Stars: 8

Spring Cloud Function one-click exploitation tool! by charis, blog: https://charis3306.top/

iliass-dahman/CVE-2022-22963-POC

Type: github • Created: 2023-01-15 21:39:20 UTC • Stars: 4

me2nuk/CVE-2022-22963

Type: github • Created: 2022-03-31 14:32:14 UTC • Stars: 17

Spring Cloud Function Vulnerable Application / CVE-2022-22963

Kirill89/CVE-2022-22963-PoC

Type: github • Created: 2022-03-30 17:37:35 UTC • Stars: 9

darryk10/CVE-2022-22963

Type: github • Created: 2022-03-30 15:49:32 UTC • Stars: 34

RanDengShiFu/CVE-2022-22963

Type: github • Created: 2022-03-30 11:36:42 UTC • Stars: 15

CVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit

dinosn/CVE-2022-22963

Type: github • Created: 2022-03-30 05:04:24 UTC • Stars: 116

CVE-2022-22963 PoC