CVE-2022-22963
CVE-2022-22963
Em resumo
O Spring Cloud Function permite que atacantes executem código arbitrário no servidor injetando expressões maliciosas através da funcionalidade de roteamento. Isso ocorre porque a entrada do usuário não é validada adequadamente antes do processamento.
Detalhe técnico
Um atacante remoto pode explorar validação inadequada de entrada no parâmetro routing-expression para injetar cargas de Spring Expression Language (SpEL), alcançando execução remota de código sem autenticação. A vulnerabilidade existe nas versões 3.1.6, 3.2.2 e versões antigas não suportadas quando a funcionalidade de roteamento está habilitada.
Resumo gerado e traduzido por IA a partir da descrição oficial.
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
n/a · Spring Cloud FunctionPoCs públicas encontradas — 30
githubgithub.com/hktalent/spring-spel-0day-poc★ 355githubgithub.com/dinosn/CVE-2022-22963★ 116githubgithub.com/darryk10/CVE-2022-22963★ 35githubgithub.com/J0ey17/CVE-2022-22963_Reverse-Shell-Exploit★ 24githubgithub.com/me2nuk/CVE-2022-22963★ 19githubgithub.com/RanDengShiFu/CVE-2022-22963★ 15githubgithub.com/kh4sh3i/Spring-CVE★ 14githubgithub.com/Kirill89/CVE-2022-22963-PoC★ 9githubgithub.com/k3rwin/spring-cloud-function-rce★ 8githubgithub.com/charis3306/CVE-2022-22963★ 8githubgithub.com/lemmyz4n3771/CVE-2022-22963-PoC★ 4githubgithub.com/randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE★ 4githubgithub.com/iliass-dahman/CVE-2022-22963-POC★ 4githubgithub.com/stevemats/Spring0DayCoreExploit★ 3githubgithub.com/twseptian/cve-2022-22963★ 2githubgithub.com/AayushmanThapaMagar/CVE-2022-22963★ 1githubgithub.com/SourM1lk/CVE-2022-22963-Exploit★ 1githubgithub.com/puckiestyle/CVE-2022-22963★ 1githubgithub.com/SealPaPaPa/SpringCloudFunction-Research★ 1githubgithub.com/Shayz614/CVE-2022-22963★ 0githubgithub.com/G01d3nW01f/CVE-2022-22963★ 0githubgithub.com/75ACOL/CVE-2022-22963★ 0githubgithub.com/Mustafa1986/CVE-2022-22963★ 0githubgithub.com/gunzf0x/CVE-2022-22963★ 0githubgithub.com/nikn0laty/RCE-in-Spring-Cloud-CVE-2022-22963★ 0githubgithub.com/BearClaw96/CVE-2022-22963-Poc-Bearcules★ 0githubgithub.com/jrbH4CK/CVE-2022-22963★ 0githubgithub.com/cyberager/CVE-2022-22963★ 0exploitdbwww.exploit-db.com/exploits/51577não verificadocve_referencepacketstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.htmlnão verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.htmlhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005https://tanzu.vmware.com/security/cve-2022-22963https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxHhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22963https://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.html