Write a blog analysis for a CVE
publish by @jakaba
29 Jun 2023
#cve_analysis
From Spring to Hell: Exploring the Spring4Shell vulnerability
by @jakaba
29 Jun 2023
#cve_analysis
Write a blog analysis for a CVE
publishFrom Spring to Hell: Exploring the Spring4Shell vulnerability
Apps
CCA
CX Cloud AgentCisco
001.012.*
*.*
0.9.2.*
1.6.*
0.0.2.*
1.7.*
0.9.*
1.3.*
0.9.3.*
2.2.*
WS
Weblogic ServerOracle
14.1.1.0.0.*
10.3.5.0.0.*
9.2.0.0.0.*
*.*
10.3.0.0.0.*
10.3.2.0.0.*
10.3.3.0.0.*
12.2.1.4.0.*
9.1.0.0.0.*
9.0.0.0.0.*
CP
Commerce PlatformOracle
10.0.3.5.*
11.2.0.3.*
11.3.2.*
11.2.0.2.*
10.2.0.5.*
11.3.0.*
11.2.0.*
11.3.1.*
11.1.0.*
11.1.*
RXP
16.0.6.*
18.0.3.*
15.0.2.*
21.0.1.*
21.0.0.*
15.0.3.*
15.0.4.*
18.0.2.*
20.0.1.*
19.0.2.*
MEM
Mysql Enterprise MonitorOracle
3.3.6.3293.*
4.0.0.5135.*
3.4.4.4226.*
8.0.18.1217.*
4.0.11.5331.*
3.4.9.4237.*
3.4.7.4297.*
8.0.0.8131.*
4.0.4.5235.*
4.0.6.5281.*
CPM
12.6.0.0.0.*
12.5.0.0.0.*
*.*
12.4.1.*
9.1.8.*
12.5.1.*
9.1.10.*
9.1.9.*
9.7.4.*
9.9.1.*
RIB
Retail Integration BusOracle
14.1.3.2.*
16.0.3.0.*
14.1.3.0.*
15.0.3.1.*
19.0.0.*
14.1.3.*
15.0.2.*
15.0.3.*
15.0.4.0.*
19.0.1.0.*
7.2.4.2.*
7.3.4.*
7.3.5.*
7.3.*
7.5.0.*
7.4.0.*
7.4.1.*
7.3.0.*
7.4.2.*
7.3.2.*
7.3.3.0.1.*
8.1.0.0.0.*
8.0.5.4.0.*
8.0.6.0.0.*
8.0.6.0.1.*
8.0.6.1.0.*
8.0.6.2.0.*
8.0.6.3.0.*
8.0.6.4.0.*
8.0.7.0.0.*
RMS
14.1.3.2.*
15.0.3.*
14.1.*
16.0.*
19.0.1.*
15.0.*
5.0.3.1.*
16.0.3.*
16.0.2.*
RBD
16.0.3.0.*
15.0.3.0.*
16.0.*
19.0.1.*
15.0.*
16.0.3.*
18.1.*
17.0.1.*
16.0.*
17.0.*
19.0.*
16.0.1.*
18.0.*
16.0.2.*
RFI
14.1.3.2.*
16.0.3.0.*
15.0.3.1.*
19.0.0.*
14.1.3.*
15.0.3.*
15.0.4.0.*
14.1.*
16.0.*
13.2.*
8.0.6.0.0.*
8.0.7.0.0.*
8.0.7.0.*
8.0.8.1.*
*.*
8.0.2.0.0.*
8.0.3.0.0.*
8.0.1.0.0.*
8.0.5.0.0.*
8.0.8.0.*
SE
Sd-Wan EdgeOracle
8.2.*
7.3.*
9.1.*
8.1.*
8.0.*
9.0.*
22.1.2.*
22.1.0.*
22.2.0.*
1.10.0.*
1.9.0.*
1.7.0.*
1.4.0.*
22.1.0.*
22.2.0.*
1.9.0.*
1.7.0.*
1.4.0.*
22.1.1.*
22.1.0.*
1.15.0.*
1.8.0.*
1.2.1.*
22.1.3.*
22.4.0.*
22.1.0.*
22.2.0.*
22.3.0.*
23.1.0.*
1.15.0.*
1.11.0.*
1.14.0.*
1.9.0.*
22.1.0.*
22.2.0.*
1.15.0.*
1.14.0.*
1.4.0.*
1.6.0.*
8.0.7.2.*
8.0.8.1.0.*
8.0.7.2.0.*
8.0.8.1.*
8.0.7.1.*
*.*
8.0.8.0.*
8.1.1.0.*
8.1.1.1.*
8.1.2.0.*
22.1.1.*
22.1.0.*
1.15.0.*
1.7.0.*
1.5.0.*
1.6.0.*
22.1.2.*
22.1.0.*
22.2.0.*
1.15.0.*
1.15.1.*
1.14.0.*
22.1.1.*
22.1.3.*
22.4.0.*
22.2.0.*
22.3.0.*
23.1.0.*
1.11.0.*
1.10.0.*
1.9.0.*
22.1.0.*
1.9.0.*
1.8.0.*
PLA
3.6.1.0.*
3.6.1.*
22.1.1.*
22.1.0.*
SI
Sipass IntegratedSiemens
MP2.6.*
*.*
*.SP2
2.80.*
2.85.*
2.65.*
2.65.SP2
2.76.SP1
2.76.*
2.76.-
SNM
1.0.3.*
1.0.SP1
1.0.-
-.*
OS
Operation SchedulerSiemens
*.*
1.1.3.*
-.*
SI
Siveillance IdentitySiemens
1.6.284.0.*
1.6.280.0.*
1.6.*
1.5.*
SSA
*.*
SF
Spring FrameworkVmware
5.3.41.*
5.3.40.*
*.*
5.2.21.*
5.2.24.*
5.2.20.*
5.2.23.*
5.2.19.*
5.2.22.*
5.3.25.*
FA
Flex ApplianceVeritas
1.3.*
2.1.*
1.2.*
2.0.*
2.0.2.*
2.0.1.*
AA
Access ApplianceVeritas
7.4.3.200.*
7.4.3.100.*
7.4.3.*
7.4.2.*
NFS
2.1.*
3.0.*
Screenshots from the blog posts
Summary
Spring4Shell (CVE-2022-22965), a significant vulnerability in the Spring Framework, was identified in the latter part of March 2022. The severity of this vulnerability is reflected by its critical CVSS rating of 9.8, which exposes affected systems to the possibility of remote code execution (RCE). In short, an attacker can exploit the system by manipulating the Tomcat logging settings through the exposed classloader and overwriting arbitrary strings into a designated file so creating a webshell can be possible.
Description
Comments (0)