===================================================================== CERT-Renater Note d'Information No. 2021/VULN133 _____________________________________________________________________ DATE : 31/03/2022 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Spring Cloud Function versions prior to 3.1.7, 3.2.3. ===================================================================== https://tanzu.vmware.com/security/cve-2022-22963 _____________________________________________________________________ CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression Severity Critical Vendor Spring by VMware Description In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. Affected VMware Products and Versions Severity is critical unless otherwise noted. Spring Cloud Function 3.1.6 3.2.2 Older, unsupported versions are also affected Mitigation Users of affected versions should upgrade to 3.1.7, 3.2.3. No other steps are necessary. Releases that have fixed this issue include: Spring Cloud Function 3.1.7 3.2.3 Credit This vulnerability was initially discovered and responsibly reported by m09u3r. References https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H https://cwe.mitre.org/data/definitions/770.html https://cwe.mitre.org/data/definitions/497.html History 2022-03-29: Initial vulnerability report published. 2022-03-31: Updates to description, severity and references. ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================