Usage subject to Terms and Conditions

CERT/CC Releases Information on Spring4Shell Vulnerability

CERT/CC Releases Information on Spring4Shell Vulnerability

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/04/01/certcc-releases-information-spring4shell-vulnerability

Original release date: April 1, 2022

The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2022-22965), known as “Spring4Shell,” affecting Spring Framework, a Java framework that creates applications, including web applications. A remote attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the CERT/CC Vulnerability Note VU #970766 for more information and to apply the recommended mitigations. 

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/04/01/certcc-releases-information-spring4shell-vulnerability