Vulnerability detail
Enriched intelligence for a single CVE
Critical
CVE-2022-22963
- Vendor: VMware
- Product: Spring Cloud Function
- Published: Apr 01, 2022
- EPSS: —
Description
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
CVSS scores
- CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CVSS v2.0: AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitation status
Exploited in the wild
Recorded 2022-08-25 00:00:00 UTC
SSVC decision points
- Exploitation: active
- Automatable: Yes
- Technical impact: total
References
- https://tanzu.vmware.com/security/cve-2022-22963
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005
- https://www.oracle.com/security-alerts/cpujul2022.html
- http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Aug 25, 2022 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spring_cloud_function_spel_injection.rb | Apr 28, 2025 |
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-22963.yaml | Apr 25, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
metasploit · Created Unknown
Metasploit module for CVE-2022-22963
github · Created 2023-04-17 13:54:06 UTC · 4 stars
github · Created 2023-03-18 11:43:00 UTC · 22 stars
CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script will verify if the vulnerability exists, and if it does, will give you a reverse shell.
github · Created 2023-03-13 13:28:55 UTC · 4 stars
CVE-2022-22963 RCE PoC in python
github · Created 2023-03-07 15:57:29 UTC · 8 stars
Spring Cloud Function one-click exploitation tool! by charis, blog: https://charis3306.top/
github · Created 2023-01-15 21:39:20 UTC · 4 stars
github · Created 2022-03-31 14:32:14 UTC · 17 stars
Spring Cloud Function Vulnerable Application / CVE-2022-22963
github · Created 2022-03-30 17:37:35 UTC · 9 stars
github · Created 2022-03-30 15:49:32 UTC · 34 stars
github · Created 2022-03-30 11:36:42 UTC · 15 stars
CVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit
Timeline
- CVE ID Reserved
- CVE Published to Public
- Added to KEVIntel
- Detected by Nuclei
- Detected by Metasploit