Vulnerability Description
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Spring Cloud Function | <= 3.1.6 |
| Oracle | Banking Branch | 14.5 |
| Oracle | Banking Cash Management | 14.5 |
| Oracle | Banking Corporate Lending Process Management | 14.5 |
| Oracle | Banking Credit Facilities Process Management | 14.5 |
| Oracle | Banking Electronic Data Exchange For Corporates | 14.5 |
| Oracle | Banking Liquidity Management | 14.2 |
| Oracle | Banking Origination | 14.5 |
| Oracle | Banking Supply Chain Finance | 14.5 |
| Oracle | Banking Trade Finance Process Management | 14.5 |
| Oracle | Banking Virtual Account Management | 14.5 |
| Oracle | Communications Cloud Native Core Automated Test Suite | 1.9.0 |
| Oracle | Communications Cloud Native Core Console | 1.9.0 |
| Oracle | Communications Cloud Native Core Network Exposure Function | 22.1.0 |
| Oracle | Communications Cloud Native Core Network Function Cloud Native Environment | 1.10.0 |
| Oracle | Communications Cloud Native Core Network Repository Function | 1.15.0 |
| Oracle | Communications Cloud Native Core Network Slice Selection Function | 1.8.0 |
| Oracle | Communications Cloud Native Core Policy | 1.15.0 |
| Oracle | Communications Cloud Native Core Security Edge Protection Proxy | 1.7.0 |
| Oracle | Communications Cloud Native Core Unified Data Repository | 1.15.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-ExExploitThird Party AdvisoryVDB Entry
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005Third Party Advisory
- https://tanzu.vmware.com/security/cve-2022-22963Vendor Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jThird Party Advisory
- https://www.oracle.com/security-alerts/cpuapr2022.htmlPatchThird Party Advisory
- https://www.oracle.com/security-alerts/cpujul2022.htmlPatchThird Party Advisory
- http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-ExExploitThird Party AdvisoryVDB Entry
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005Third Party Advisory
- https://tanzu.vmware.com/security/cve-2022-22963Vendor Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jThird Party Advisory
- https://www.oracle.com/security-alerts/cpuapr2022.htmlPatchThird Party Advisory
- https://www.oracle.com/security-alerts/cpujul2022.htmlPatchThird Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-US Government Resource
FAQ
What is CVE-2022-22963?
CVE-2022-22963 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression th...
How severe is CVE-2022-22963?
CVE-2022-22963 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-22963?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Spring Cloud Function, Oracle Banking Branch, Oracle Banking Cash Management, Oracle Banking Corporate Lending Process Management, Oracle Banking Credit Facilities Process Management.