CVE-2022-22965 (GCVE-0-2022-22965)

Vulnerability from cvelistv5 – Published: 2022-04-01 22:17 – Updated: 2025-10-21 23:15
VLAI CISA KEV
Summary
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
Severity
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
Vendor Product Version
n/a Spring Framework Affected: Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 826a6c65-0e52-4002-be6c-02b960edb95e

Vulnerability ID: CVE-2022-22965

Status: Confirmed

Status Updated: 2022-04-04 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-04-04
Asserted: 2022-04-04
Scope
Notes: KEV entry: Spring Framework JDK 9+ Remote Code Execution Vulnerability | Affected: VMware / Spring Framework | Description: Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | Required action: Apply updates per vendor instructions. | Due date: 2022-04-25 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2022-22965
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes CWE-94
Feed CISA Known Exploited Vulnerabilities Catalog
Product Spring Framework
Due Date 2022-04-25
Date Added 2022-04-04
Vendorproject VMware
Vulnerabilityname Spring Framework JDK 9+ Remote Code Execution Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 13:25 UTC | Updated: 2026-02-06 07:53 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:28:42.725Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.kb.cert.org/vuls/id/970766"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://tanzu.vmware.com/security/cve-2022-22965"
          },
          {
            "name": "20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-22965",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T17:52:10.886552Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-04-04",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22965"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:42.792Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22965"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-04-04T00:00:00.000Z",
            "value": "CVE-2022-22965 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Spring Framework",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-25T16:46:59.000Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://tanzu.vmware.com/security/cve-2022-22965"
        },
        {
          "name": "20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "ID": "CVE-2022-22965",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Spring Framework",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tanzu.vmware.com/security/cve-2022-22965",
              "refsource": "MISC",
              "url": "https://tanzu.vmware.com/security/cve-2022-22965"
            },
            {
              "name": "20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
            },
            {
              "name": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2022-22965",
    "datePublished": "2022-04-01T22:17:30.000Z",
    "dateReserved": "2022-01-10T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:42.792Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2022-22965",
      "cwes": "[\"CWE-94\"]",
      "dateAdded": "2022-04-04",
      "dueDate": "2022-04-25",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2022-22965",
      "product": "Spring Framework",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.",
      "vendorProject": "VMware",
      "vulnerabilityName": "Spring Framework JDK 9+ Remote Code Execution Vulnerability"
    },
    "epss": {
      "cve": "CVE-2022-22965",
      "date": "2026-05-29",
      "epss": "0.94428",
      "percentile": "0.99985"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-22965\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2022-04-01T23:15:13.870\",\"lastModified\":\"2025-10-30T19:56:43.110\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.\"},{\"lang\":\"es\",\"value\":\"Una aplicaci\u00f3n Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser vulnerable a la ejecuci\u00f3n de c\u00f3digo remota (RCE) por medio de una vinculaci\u00f3n de datos. La explotaci\u00f3n espec\u00edfica requiere que la aplicaci\u00f3n sea ejecutada en Tomcat como un despliegue WAR. Si la aplicaci\u00f3n es desplegada como un jar ejecutable de Spring Boot, es decir, por defecto, no es vulnerable a la explotaci\u00f3n. Sin embargo, la naturaleza de la vulnerabilidad es m\u00e1s general, y puede haber otras formas de explotarla\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-04-04\",\"cisaActionDue\":\"2022-04-25\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Spring Framework JDK 9+ Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.2.20\",\"matchCriteriaId\":\"7417ECB4-3391-4273-9DAF-C9C82220CEA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.3.0\",\"versionEndExcluding\":\"5.3.18\",\"matchCriteriaId\":\"5049322E-FFAA-4CAA-B794-63539EA4E6D7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9\",\"matchCriteriaId\":\"19F22333-401B-4DB1-A63D-622FA54C2BA9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:cx_cloud_agent:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.1.0\",\"matchCriteriaId\":\"0DA44823-E5F1-4922-BCCA-13BEB49C017B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4CA84D6-F312-4C29-A02B-050FCB7A902B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF6C109-E3D3-431C-8101-2FF88763CF5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAAB7154-4DE8-4806-86D0-C1D33B84417B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5BB2213-08E7-497F-B672-556FD682D122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E24426EE-6A3F-413E-A70A-FB98CCD007A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2A5B24D-BDF2-423C-98EA-A40778C01A05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04E6C8E9-2024-496C-9BFD-4548A5B44E2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F60E32F-0CA0-4C2D-9848-CB92765A9ACB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B61A7946-F554-44A9-9E41-86114E4B4914\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA09838-BF13-46AC-BB97-A69F48B73A8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D163AA57-1D66-4FBF-A8BB-F13E56E5C489\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6577F14-36B6-46A5-A1B1-FCCADA61A23B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4367D9B-BF81-47AD-A840-AC46317C774D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0425918A-03F1-4541-BDEF-55B03E07E115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D235B299-9A0E-44FF-84F1-2FFBC070A21D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6EAA723-2A23-4151-930B-86ACF9CC1C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2E50B0-64B6-4696-9213-F5D9016058A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02AEDB9F-1040-4840-ACB6-8BF299886ACB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41C2C67B-BF55-4B48-A94D-1F37A4FAC68C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"172BECE8-9626-4910-AAA1-A2FA9C7139E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B3A10E-70A8-4332-8567-06AE2C45D3C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"059F0D4E-B007-4986-AB95-89F11147CB2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CAC78AD-86BB-4F06-B8CF-8E1329987F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44563108-AD89-49A0-9FA5-7DE5A5601D2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA5DC3F-E7D8-45E3-8114-2213EC631CDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"078AEFC0-96DA-4F50-BE8E-8360718103A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.0.29\",\"matchCriteriaId\":\"7ECCD8C1-C055-4958-A613-B6D1609687F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F978162-CB2C-4166-947A-9048C6E878BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB16F34-D561-498F-A8C3-A24A47BCEBC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E39D5C-5EFA-4FEB-909E-0A92004F2563\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06816711-7C49-47B9-A9D7-FB18CC3F42F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.4\",\"matchCriteriaId\":\"435B691D-C763-4692-A46A-3422FA821ACF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E77D85-0AE8-41D6-AC0C-983A8B73C831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02B28A44-3708-480D-9D6D-DDF8C21A15EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9772EE3F-FFC5-4611-AD9A-8AD8304291BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF524892-278F-4373-A8A3-02A30FA1AFF4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:access_appliance:7.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26CDB573-611F-403C-9E9F-2A929B7B9602\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:access_appliance:7.4.3.100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E84BF8E9-9AB8-4591-9760-C9B727FD0BA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:access_appliance:7.4.3.200:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2605B356-2BDE-45B2-AAB3-55236E163588\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:access_appliance:7.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26CDB573-611F-403C-9E9F-2A929B7B9602\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:access_appliance:7.4.3.100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E84BF8E9-9AB8-4591-9760-C9B727FD0BA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:access_appliance:7.4.3.200:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2605B356-2BDE-45B2-AAB3-55236E163588\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:flex_appliance:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E18698DE-9043-4AA0-B798-51C0B4CACBAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:flex_appliance:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CE9674B-4528-4168-B09A-DBAA48622307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:flex_appliance:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9810D40F-FF25-495F-80A4-7A8D8679FA33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:flex_appliance:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02B3BC5A-97E2-4295-9EA3-62D29E579E9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:flex_appliance:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC18FEAF-65B4-4F56-A703-21DF9B969B0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup_flex_scale_appliance:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B1DC73-8B4C-418B-96A7-17C35E9164CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup_flex_scale_appliance:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E6CF01-79F1-4E56-BB3C-02AE544876E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_appliance:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62D12B2A-0167-4010-888E-30BB96DBA3F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*\",\"matchCriteriaId\":\"42554066-06A0-44EF-8911-5982A4033E00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE52F0C6-7AB6-4E84-9A8C-01C2AE170504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2762443-9B5B-4675-84B3-21A60385F86E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_appliance:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91A353F-6BEE-423E-BB6A-413C2C03D313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6256AE6A-34BF-417A-BAB9-8889457BA31B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBEF9B41-F0AF-49A8-95A9-5F803E5AFDE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3F72DF7-C2C6-4009-82D8-462714D80DF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0.0.1:maintenance_release1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5C4BAEE-EAAE-46F6-A275-330EE41CF1F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0.0.1:maintenance_release2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5311A3B2-E1C7-4816-B1DD-F0166C65F5A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_virtual_appliance:4.0.0.1:maintenance_release3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4BC39F-2A18-4F2D-B5A6-A1590D220611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_virtual_appliance:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E5BC47D-DD3A-4CE1-B313-18C9547E89EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_virtual_appliance:4.1.0.1:maintenance_release1:*:*:*:*:*:*\",\"matchCriteriaId\":\"63459D69-EC29-49A6-9577-A48B63C63063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:veritas:netbackup_virtual_appliance:4.1.0.1:maintenance_release2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B20A490-3398-4B36-9630-98CADC801E9E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.4\",\"matchCriteriaId\":\"435B691D-C763-4692-A46A-3422FA821ACF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_speech_assistant_for_machines:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2.1\",\"matchCriteriaId\":\"D035FB7D-36A5-439E-9992-DE255F020AB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.3\",\"matchCriteriaId\":\"0D14E8FC-464B-414D-AE56-C20FF46E25FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E77D85-0AE8-41D6-AC0C-983A8B73C831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02B28A44-3708-480D-9D6D-DDF8C21A15EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9772EE3F-FFC5-4611-AD9A-8AD8304291BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF524892-278F-4373-A8A3-02A30FA1AFF4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CDE72F7-ED9D-4A53-BF63-DF6711FFDEF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EDB6772-7FDB-45FF-8D72-952902A7EE56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7637F8B-15F1-42E2-BE18-E1FF7C66587D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E43D793A-7756-4D58-A8ED-72DC4EC9CEA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBC7EB1-FD72-4BFC-92CC-7C8B8E462D7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_bulk_data_integration:16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3486C85C-57BC-433F-941C-E81539DA5C1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7FBF5C7-EC73-4CE4-8CB7-E9CF5705DB25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36E16AEF-ACEB-413C-888C-8D250F65C180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFAEA84-E376-40A2-8C9F-3E0676FEC527\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"798E4FEE-9B2B-436E-A2B3-B8AA1079892A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB86F6C3-981E-4ECA-A5EB-9A9CD73D70C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_financial_integration:16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B042849-7EF5-4A5F-B6CD-712C0B8735BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_financial_integration:19.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7435071D-0C95-4686-A978-AFC4C9A0D0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CFCE558-9972-46A2-8539-C16044F1BAA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"822A3C37-86F2-4E91-BE91-2A859F983941\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD311C33-A309-44D5-BBFB-539D72C7F8C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8383028-B719-41FD-9B6A-71F8EB4C5F8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F14A818F-AA16-4438-A3E4-E64C9287AC66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf\",\"source\":\"security@vmware.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tanzu.vmware.com/security/cve-2022-22965\",\"source\":\"security@vmware.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tanzu.vmware.com/security/cve-2022-22965\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/970766\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22965\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.kb.cert.org/vuls/id/970766\"}, {\"url\": \"https://tanzu.vmware.com/security/cve-2022-22965\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67\", \"name\": \"20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T03:28:42.725Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-22965\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T17:52:10.886552Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-04-04\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22965\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-04-04T00:00:00.000Z\", \"value\": \"CVE-2022-22965 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22965\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T17:52:33.856Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Spring Framework\", \"versions\": [{\"status\": \"affected\", \"version\": \"Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions\"}]}], \"references\": [{\"url\": \"https://tanzu.vmware.com/security/cve-2022-22965\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67\", \"name\": \"20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2022-07-25T16:46:59.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Spring Framework versions 5.3.X prior to 5.3.18+, 5.2.x prior to 5.2.20+ and all old and unsupported versions\"}]}, \"product_name\": \"Spring Framework\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tanzu.vmware.com/security/cve-2022-22965\", \"name\": \"https://tanzu.vmware.com/security/cve-2022-22965\", \"refsource\": \"MISC\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67\", \"name\": \"20220401 Vulnerability in Spring Framework Affecting Cisco Products: March 2022\", \"refsource\": \"CISCO\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\", \"name\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/166713/Spring4Shell-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-254054.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/167011/Spring4Shell-Spring-Framework-Class-Property-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-22965\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@vmware.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-22965\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:15:42.792Z\", \"dateReserved\": \"2022-01-10T00:00:00.000Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2022-04-01T22:17:30.000Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.