{"uuid": "225d7f51-ae27-463d-9d18-a7f6200990a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3069", "content": "Spring4Shell week (month) is declared open\n\nTL;DR\nTwo RCEs exist and three vectors are being discussed online (one of which is not known to be remotely exploitable).\n\n- Confirmed: \"Spring4Shell\" in Spring Core, which has been confirmed by several sources and leverages class injection (very severe),\n- Confirmed: CVE-2022-22963 in Spring Cloud Function (less severe),\n- Unconfirmed: A third weakness that was initially discussed as allowing RCE via deserialization, but isn't exploitable (not severe currently).\n. . .\nOverview of Vulnerabilities\n- Spring4Shell: A confirmed RCE in Spring Core <=5.3.17. We're investigating this currently.\n- CVE-2022-22963: A confirmed RCE in Spring Cloud Function (<=3.1.6 and <=3.2.2).\n- An unconfirmed deserialization weakness in Spring Core that could lead to an RCE. (Spring Core <=5.3.17)\n\nSpring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring\nhttps://www.lunasec.io/docs/blog/spring-rce-vulnerabilities", "creation_timestamp": "2022-03-31T06:09:56.000000Z"}