by @jakaba
29 Jun 2023

From Spring to Hell: Exploring the Spring4Shell vulnerability


CVEs

CVE-2022-22965: CVSS 9.8, Critical Severity


Summary

Spring4Shell (CVE-2022-22965), a significant vulnerability in the Spring Framework, was identified in late March 2022. Its critical CVSS rating of 9.8 reflects the impact: affected systems are exposed to remote code execution (RCE). In short, an attacker can reach the Tomcat logging settings through the exposed class loader, write attacker-controlled strings into a file of their choosing, and in this way create a webshell.
