CVE-2022-22963

Confirmed PUBLISHED

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to...

VMware · Spring Cloud Function
Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
9.8 Critical

At a Glance

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.

cisa metasploit java nuclei_scanner
CVE Published
Apr 01, 2022
Exploitation Reported
Aug 25, 2022
CVSS
9.8 Critical
EPSS
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
Spring Cloud Function

Spring Cloud Function versions 3.1.6, 3.2.2 and all old and unsupported versions

Affected

CVE References

Show 1 more reference

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.