CVE-2022-22963 (GCVE-0-2022-22963)
Vulnerability from cvelistv5 – Published: 2022-04-01 00:00 – Updated: 2025-10-21 23:15- CWE-94 - Improper Control of Generation of Code ('Code Injection')
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Spring Cloud Function |
Affected:
Spring Cloud Function versions 3.1.6, 3.2.2 and all old and unsupported versions
|
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-94 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Spring Cloud |
| Due Date | 2022-09-15 |
| Date Added | 2022-08-25 |
| Vendorproject | VMware Tanzu |
| Vulnerabilityname | VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Shadowserver
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Characteristics
Timestamps
Scope
Evidence
Type: Honeypot
Signal: In The Wild Attempts
Confidence: 70%
Source: shadowserver
Details
| 1D | 1 |
|---|---|
| Iot | no |
| Feed | Shadowserver Foundation honeypot/exploited-vulnerabilities |
| Type | http-scan |
| Class | other-software |
| 7D Avg | 0 |
| Vendor | Spring |
| 30D Avg | 0 |
| 90D Avg | 0 |
| Product | Spring Cloud Function |
| Cisa Kev | yes |
| Connections | 9 |
| Observation Date | 2026-06-27 |
| Vulnerability Class | CVSS |
| Vulnerability Score | 9.8 |
| Vulnerability Severity | Critical |
References
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant
Exploited: Yes
Timestamps
Scope
Evidence
Type: Public Report
Signal: Successful Exploitation
Confidence: 70%
Source: kevintel
Details
| Feed | KEVIntel (kevintel.com) |
|---|---|
| Title | In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to... |
| Vendor | VMware |
| Product | Spring Cloud Function |
| Added Date | 2022-08-25T00:00:00.000Z |
| Cvss Score | 9.8 |
| Epss Score | None |
| Cvss Severity | CRITICAL |
| Epss Percentile | None |
| Used In Malware | unknown |
| Ahead Of Cisa Kev | None |
| Not Yet In Cisa Kev | False |
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.845Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22963"
},
{
"name": "20220401 Vulnerability in Spring Cloud Function Framework Affecting Cisco Products: March 2022",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-22963",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:53:06.523275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-08-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22963"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:42.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22963"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-08-25T00:00:00.000Z",
"value": "CVE-2022-22963 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Spring Cloud Function",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Spring Cloud Function versions 3.1.6, 3.2.2 and all old and unsupported versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://tanzu.vmware.com/security/cve-2022-22963"
},
{
"name": "20220401 Vulnerability in Spring Cloud Function Framework Affecting Cisco Products: March 2022",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22963",
"datePublished": "2022-04-01T00:00:00.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:42.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2022-22963",
"cwes": "[\"CWE-94\"]",
"dateAdded": "2022-08-25",
"dueDate": "2022-09-15",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://tanzu.vmware.com/security/cve-2022-22963; https://nvd.nist.gov/vuln/detail/CVE-2022-22963",
"product": "Spring Cloud",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "When using routing functionality in VMware Tanzu\u0027s Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.",
"vendorProject": "VMware Tanzu",
"vulnerabilityName": "VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability"
},
"epss": {
"cve": "CVE-2022-22963",
"date": "2026-07-01",
"epss": "0.99939",
"percentile": "0.99969"
},
"fkie_nvd": {
"cisaActionDue": "2022-09-15",
"cisaExploitAdd": "2022-08-25",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability",
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.1.6\", \"matchCriteriaId\": \"905988BB-71EE-49CE-A73C-FBD4488299D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.2.0\", \"versionEndIncluding\": \"3.2.2\", \"matchCriteriaId\": \"43C88657-BCAC-40EB-83EB-2FF70F9173A0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_branch:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAE9DFCA-E0C2-420D-86D7-5593F12EE945\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_cash_management:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"626C6209-8BC3-4954-BF0C-51500582457E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EE231C5-8BF0-48F4-81EF-7186814664CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AA5FF83-B693-4DAB-B585-0FD641266231\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_electronic_data_exchange_for_corporates:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6B6968A-9EB3-46B6-9BD4-735EFED3F869\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_liquidity_management:14.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7FC2BF9-B6D7-420E-9CF5-21AB770B9CC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_liquidity_management:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D5A1417-2C59-431F-BF5C-A2BCFEBC95FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_origination:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D6889DD-D320-470C-BA94-165AC79A3AD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_supply_chain_finance:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB3A29-0994-46F4-8093-B4A9CE0BD95F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA4A9041-B9BC-451C-B1BD-4E2FD795BF27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:banking_virtual_account_management:14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2696CD1-9514-405D-A3B3-8308EC1FA571\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4CA84D6-F312-4C29-A02B-050FCB7A902B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DF6C109-E3D3-431C-8101-2FF88763CF5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DAAB7154-4DE8-4806-86D0-C1D33B84417B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5BB2213-08E7-497F-B672-556FD682D122\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E24426EE-6A3F-413E-A70A-FB98CCD007A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2A5B24D-BDF2-423C-98EA-A40778C01A05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04E6C8E9-2024-496C-9BFD-4548A5B44E2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E3221BB-E48E-4B28-B84F-C888EE802A17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F60E32F-0CA0-4C2D-9848-CB92765A9ACB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B61A7946-F554-44A9-9E41-86114E4B4914\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AA09838-BF13-46AC-BB97-A69F48B73A8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6577F14-36B6-46A5-A1B1-FCCADA61A23B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4367D9B-BF81-47AD-A840-AC46317C774D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0425918A-03F1-4541-BDEF-55B03E07E115\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B0C905A-EA99-4B4E-A350-7F6A63CD6EB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D235B299-9A0E-44FF-84F1-2FFBC070A21D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6EAA723-2A23-4151-930B-86ACF9CC1C0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C2E50B0-64B6-4696-9213-F5D9016058A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"570DB369-A31B-4108-A7FD-09F674129603\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CC69CF0-6269-40F5-871B-16CFD5EC4C45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"172BECE8-9626-4910-AAA1-A2FA9C7139E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4B3A10E-70A8-4332-8567-06AE2C45D3C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"059F0D4E-B007-4986-AB95-89F11147CB2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CAC78AD-86BB-4F06-B8CF-8E1329987F2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44563108-AD89-49A0-9FA5-7DE5A5601D2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCA5DC3F-E7D8-45E3-8114-2213EC631CDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"078AEFC0-96DA-4F50-BE8E-8360718103A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.0.29\", \"matchCriteriaId\": \"B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0531C009-B395-4E94-A5F0-A89A152E706B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AB16F34-D561-498F-A8C3-A24A47BCEBC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77E39D5C-5EFA-4FEB-909E-0A92004F2563\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06816711-7C49-47B9-A9D7-FB18CC3F42F2\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.\"}, {\"lang\": \"es\", \"value\": \"En Spring Cloud Function versiones 3.1.6, 3.2.2 y versiones anteriores no soportadas, cuando es usada la funcionalidad routing es posible que un usuario proporcione un SpEL especialmente dise\\u00f1ado como expresi\\u00f3n de enrutamiento que puede resultar en la ejecuci\\u00f3n de c\\u00f3digo remota y el acceso a recursos locales\"}]",
"id": "CVE-2022-22963",
"lastModified": "2024-11-21T06:47:41.710",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2022-04-01T23:15:13.663",
"references": "[{\"url\": \"http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\", \"source\": \"security@vmware.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://tanzu.vmware.com/security/cve-2022-22963\", \"source\": \"security@vmware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH\", \"source\": \"security@vmware.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://tanzu.vmware.com/security/cve-2022-22963\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-917\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-22963\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2022-04-01T23:15:13.663\",\"lastModified\":\"2026-06-17T04:29:15.340\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.\"},{\"lang\":\"es\",\"value\":\"En Spring Cloud Function versiones 3.1.6, 3.2.2 y versiones anteriores no soportadas, cuando es usada la funcionalidad routing es posible que un usuario proporcione un SpEL especialmente dise\u00f1ado como expresi\u00f3n de enrutamiento que puede resultar en la ejecuci\u00f3n de c\u00f3digo remota y el acceso a recursos locales\"}],\"affected\":[{\"source\":\"security@vmware.com\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"Spring Cloud Function\",\"versions\":[{\"version\":\"Spring Cloud Function versions 3.1.6, 3.2.2 and all old and unsupported versions\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-01-29T17:53:06.523275Z\",\"id\":\"CVE-2022-22963\",\"options\":[{\"exploitation\":\"active\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"cisaExploitAdd\":\"2022-08-25\",\"cisaActionDue\":\"2022-09-15\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.1.6\",\"matchCriteriaId\":\"905988BB-71EE-49CE-A73C-FBD4488299D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.2.0\",\"versionEndIncluding\":\"3.2.2\",\"matchCriteriaId\":\"43C88657-BCAC-40EB-83EB-2FF70F9173A0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_branch:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAE9DFCA-E0C2-420D-86D7-5593F12EE945\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_cash_management:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"626C6209-8BC3-4954-BF0C-51500582457E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EE231C5-8BF0-48F4-81EF-7186814664CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AA5FF83-B693-4DAB-B585-0FD641266231\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_electronic_data_exchange_for_corporates:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6B6968A-9EB3-46B6-9BD4-735EFED3F869\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_liquidity_management:14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7FC2BF9-B6D7-420E-9CF5-21AB770B9CC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_liquidity_management:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D5A1417-2C59-431F-BF5C-A2BCFEBC95FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_origination:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D6889DD-D320-470C-BA94-165AC79A3AD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_supply_chain_finance:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB3A29-0994-46F4-8093-B4A9CE0BD95F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA4A9041-B9BC-451C-B1BD-4E2FD795BF27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_virtual_account_management:14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2696CD1-9514-405D-A3B3-8308EC1FA571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4CA84D6-F312-4C29-A02B-050FCB7A902B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DF6C109-E3D3-431C-8101-2FF88763CF5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAAB7154-4DE8-4806-86D0-C1D33B84417B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5BB2213-08E7-497F-B672-556FD682D122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E24426EE-6A3F-413E-A70A-FB98CCD007A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2A5B24D-BDF2-423C-98EA-A40778C01A05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04E6C8E9-2024-496C-9BFD-4548A5B44E2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E3221BB-E48E-4B28-B84F-C888EE802A17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F60E32F-0CA0-4C2D-9848-CB92765A9ACB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B61A7946-F554-44A9-9E41-86114E4B4914\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA09838-BF13-46AC-BB97-A69F48B73A8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6577F14-36B6-46A5-A1B1-FCCADA61A23B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4367D9B-BF81-47AD-A840-AC46317C774D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0425918A-03F1-4541-BDEF-55B03E07E115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0C905A-EA99-4B4E-A350-7F6A63CD6EB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D235B299-9A0E-44FF-84F1-2FFBC070A21D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6EAA723-2A23-4151-930B-86ACF9CC1C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2E50B0-64B6-4696-9213-F5D9016058A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"570DB369-A31B-4108-A7FD-09F674129603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CC69CF0-6269-40F5-871B-16CFD5EC4C45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"172BECE8-9626-4910-AAA1-A2FA9C7139E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B3A10E-70A8-4332-8567-06AE2C45D3C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"059F0D4E-B007-4986-AB95-89F11147CB2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CAC78AD-86BB-4F06-B8CF-8E1329987F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44563108-AD89-49A0-9FA5-7DE5A5601D2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA5DC3F-E7D8-45E3-8114-2213EC631CDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"078AEFC0-96DA-4F50-BE8E-8360718103A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.0.29\",\"matchCriteriaId\":\"B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0531C009-B395-4E94-A5F0-A89A152E706B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:21.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB16F34-D561-498F-A8C3-A24A47BCEBC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E39D5C-5EFA-4FEB-909E-0A92004F2563\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06816711-7C49-47B9-A9D7-FB18CC3F42F2\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tanzu.vmware.com/security/cve-2022-22963\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tanzu.vmware.com/security/cve-2022-22963\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22963\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tanzu.vmware.com/security/cve-2022-22963\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH\", \"name\": \"20220401 Vulnerability in Spring Cloud Function Framework Affecting Cisco Products: March 2022\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T03:28:42.845Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-22963\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T17:53:06.523275Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-08-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22963\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-08-25T00:00:00.000Z\", \"value\": \"CVE-2022-22963 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22963\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T17:53:16.295Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Spring Cloud Function\", \"versions\": [{\"status\": \"affected\", \"version\": \"Spring Cloud Function versions 3.1.6, 3.2.2 and all old and unsupported versions\"}]}], \"references\": [{\"url\": \"https://tanzu.vmware.com/security/cve-2022-22963\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH\", \"name\": \"20220401 Vulnerability in Spring Cloud Function Framework Affecting Cisco Products: March 2022\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\"}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0005\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\"}, {\"url\": \"http://packetstormsecurity.com/files/173430/Spring-Cloud-3.2.2-Remote-Command-Execution.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2023-07-13T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-22963\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:15:42.941Z\", \"dateReserved\": \"2022-01-10T00:00:00.000Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2022-04-01T00:00:00.000Z\", \"assignerShortName\": \"vmware\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.