Spring by VMware has released fixes for a critical vulnerability in Spring Framework, a widely used Java library. The vulnerability (CVE-2022-22965) could allow remote code execution via data binding when applications use Spring Framework with JDK 9 or higher. It is known to be exploitable when the affected application runs on Tomcat as a WAR deployment, but other attack vectors may also be possible. To fix this vulnerability, upgrade to Spring Framework 5.2.20 or 5.3.18, or a later release in the respective branch.
SAINT has released both credentialed and uncredentialed checks for this vulnerability. Be sure to update the scanner to the current version and scan your systems as soon as possible to ensure they are protected from this critical vulnerability. Uncredentialed scans will look for the known attack vector in Tomcat servers. Credentialed scans will search the target’s filesystem for .jar files belonging to vulnerable versions of the framework.
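As an added illustration of what a credentialed check like the one described above has to decide (this is example code, not SAINT's own check), the following Python classifies Spring Framework jars by the version in their file name against the fixed releases 5.2.20 and 5.3.18. It assumes that the spring-beans, spring-core and spring-webmvc artifacts identify the framework version, that unsupported branches older than 5.2 are treated as affected because they received no fix, and it uses a constructed list of file paths in place of a real filesystem walk.

```python
import os
import re

# Fixed releases named in the advisory for CVE-2022-22965: 5.2.20 and 5.3.18.
FIXED_PATCH = {(5, 2): 20, (5, 3): 18}

# Assumption: these three artifacts carry the framework version in their name.
ARTIFACTS = ("spring-beans", "spring-core", "spring-webmvc")

JAR_RE = re.compile(
    r"^(?P<artifact>" + "|".join(re.escape(a) for a in ARTIFACTS) + r")-"
    r"(?P<version>\d+\.\d+\.\d+)(?:[.-][A-Za-z0-9]+)*\.jar$"
)


def is_vulnerable_version(version):
    """True when a Spring Framework version predates the fixed releases."""
    major, minor, patch = (int(p) for p in version.split(".")[:3])
    branch = (major, minor)
    if branch in FIXED_PATCH:
        return patch < FIXED_PATCH[branch]
    # Branches older than 5.2 got no fix (treated as affected); newer ones post-date it.
    return branch < (5, 2)


def classify_spring_jar(path):
    """Return (artifact, version, vulnerable) for a framework jar, else None."""
    m = JAR_RE.match(os.path.basename(path))
    if not m:
        return None
    version = m.group("version")
    return m.group("artifact"), version, is_vulnerable_version(version)


def find_vulnerable_spring_jars(paths):
    """Reduce file paths to (path, version) pairs of affected framework jars."""
    classified = ((p, classify_spring_jar(p)) for p in paths)
    return [(p, info[1]) for p, info in classified if info and info[2]]


# Constructed sample paths standing in for a credentialed filesystem scan.
SAMPLE_PATHS = [
    "/opt/tomcat/webapps/app/WEB-INF/lib/spring-beans-5.3.17.jar",
    "/opt/tomcat/webapps/app/WEB-INF/lib/spring-webmvc-5.3.17.jar",
    "/opt/tomcat/webapps/other/WEB-INF/lib/spring-beans-5.2.20.RELEASE.jar",
    "/opt/tomcat/webapps/other/WEB-INF/lib/spring-boot-2.6.6.jar",
    "/opt/tomcat/lib/spring-core-5.1.3.RELEASE.jar",
]

if __name__ == "__main__":
    for path, version in find_vulnerable_spring_jars(SAMPLE_PATHS):
        print(f"affected: {path} (Spring Framework {version})")
```

A matching jar only establishes the framework version; the advisory's other conditions (JDK 9 or higher, a Tomcat WAR deployment) still determine whether that host is actually exposed.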
Latest Detail (Update: April 8, 2022): The Hacker News: CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability
If you need assistance updating SAINT to the current version or help on other SAINT topics, contact support at firstname.lastname@example.org. If you need assistance getting SAINT for your organization, please contact sales at email@example.com.