
{
"Name": "Spring Core Framework Remote Code Execution Vulnerability(CVE-2022-22965)",
"Description": "<p>Spring core is a toolkit for discovering, creating and processing the relationship between beans in the Spring series.</p><p>An unauthenticated attacker could use this vulnerability for remote arbitrary code execution. The vulnerability exists widely in the Spring framework and derived frameworks, and JDK 9.0 and above will be affected. Products using older JDK versions are not affected.</p>",
"Product": "Spring",
"Homepage": "https://spring.io/",
"DisclosureDate": "2022-03-29",
"Author": "balisong2",
"FofaQuery": "protocol=\"http\" || protocol=\"https\"",
"GobyQuery": "protocol=\"http\" || protocol=\"https\"",
"Level": "3",
"Impact": "<p><span style=\"color: rgb(53, 53, 53); font-size: 14px;\">攻击者可通过该漏洞在服务器端任意执行代码写入后门获取服务器权限进而控制整个web服务器。</span><br></p>",
"Recommendation": "<p>临时方案:</p><p>1、WAF 拦截带有 class 关键字的请求;</p><p>2、JDK 版本回退至 JDK8 较高版本。</p>",
"References": [],
"Is0day": true,
"Translation": {
"CN": {
"Name": "Spring Core Framework 远程代码执行漏洞",
"Product": "Spring",
"Description": "<p>Spring core是Spring系列产品中用来负责发现、创建并处理bean之间的关系的一个工具包是一个包含Spring框架基本的核心工具包Spring其他组件都要使用到这个包。</p><p>未经身份验证的攻击者可以使用此漏洞进行远程任意代码执行。 该漏洞广泛存在于Spring 框架以及衍生的框架中并JDK 9.0及以上版本会受到影响。使用旧JDK版本的产品不受影响。</p>",
"Recommendation": "<p>临时方案:</p><p>1、WAF 拦截带有 class 关键字的请求;</p><p>2、JDK 版本回退至 JDK8 较高版本。</p>",
"Impact": "<p><span style=\"color: rgb(53, 53, 53); font-size: 14px;\">Attackers can use this vulnerability to arbitrarily execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server.</span><br></p>",
"VulType": [
"代码执⾏"
],
"Tags": [
"代码执⾏"
]
},
"EN": {
"Name": "Spring Core Framework Remote Code Execution Vulnerability",
"Product": "Spring",
"Description": "<p>Spring core is a toolkit for discovering, creating and processing the relationship between beans in the Spring series.</p><p>An unauthenticated attacker could use this vulnerability for remote arbitrary code execution. The vulnerability exists widely in the Spring framework and derived frameworks, and JDK 9.0 and above will be affected. Products using older JDK versions are not affected.</p>",
"Recommendation": "<p>Temporary:</p><p>1. Using WAF intercepts requests with keyword '<span style=\"color: rgb(22, 51, 102); font-size: 16px;\">class</span>';</p><p>2. JDK version fallback to jdk8 higher version.</p>",
"Impact": "<p><span style=\"color: rgb(53, 53, 53); font-size: 14px;\">Attackers can use this vulnerability to arbitrarily execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server.</span><br></p>",
"VulType": [
"RCE"
],
"Tags": [
"RCE"
]
}
},
"HasExp": true,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"ExploitSteps": null,
"Tags": [
"RCE"
],
"VulType": [
"RCE"
],
"CVEIDs": [
"CVE-2022-22965"
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "10.0",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}