Usage subject to Terms and Conditions

Read the original article at

Original release date: April 1, 2022

The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2022-22965), known as “Spring4Shell,” affecting Spring Framework, a Java framework that creates applications, including web applications. A remote attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the CERT/CC Vulnerability Note VU #970766 for more information and to apply the recommended mitigations. 

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at