On March 29, 2022, the following critical vulnerability in the Spring Cloud Function Framework affecting releases 3.1.6, 3.2.2, and older unsupported releases was disclosed:
CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression
For a description of this vulnerability, see VMware Spring Framework Security Vulnerability Report [https://tanzu.vmware.com/security/cve-2022-22963].
Cisco's Response to This Vulnerability
Cisco assessed all products for impact from CVE-2022-22963. To help detect exploitation of this vulnerability, Cisco has released Snort rules at the following location: Talos Rule SID 59388 [https://www.snort.org/rule_docs/1-59388]
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-scf-rce-DQrHhJxH