DETECTION OVERVIEW
Risk Factors
This code injection vulnerability is well known, and public exploit code is available. An unauthenticated attacker could gain complete control of a device, steal sensitive information, or launch additional attacks on the network.
Kill Chain
Risk Score
88
Spring is a common open-source Java development framework often deployed on Apache Tomcat. Spring Cloud Function is a framework that enables developers to separate business logic from infrastructure code. Spring Cloud Function has a code injection vulnerability in the FunctionRouters feature that enables an attacker to send an HTTP POST request with malicious Java code injected into the spring.cloud.function.routing-expression HTTP header. When the Spring server processes the request, the injected code runs on the server.
Upgrade Spring Cloud Function to version 3.1.7, 3.2.3, or later
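
The request pattern described above can be checked for in captured HTTP traffic or proxy logs. The following is an added example, not part of the original detection or of any vendor's product code: it flags requests that carry the spring.cloud.function.routing-expression header and notes whether the method is POST. The function names, sample requests, paths, hosts and header values are constructed placeholders.

```python
ROUTING_HEADER = "spring.cloud.function.routing-expression"

# Constructed sample requests; paths, hosts and header values are placeholders.
SAMPLES = [
    "POST /example HTTP/1.1\r\nHost: app.example\r\n"
    "Content-Type: text/plain\r\n\r\nhello",
    "POST /example HTTP/1.1\r\nHost: app.example\r\n"
    "Spring.Cloud.Function.Routing-Expression: PLACEHOLDER_EXPRESSION\r\n\r\nx",
    "GET /example HTTP/1.1\r\nHost: app.example\r\n"
    "spring.cloud.function.routing-expression: PLACEHOLDER_EXPRESSION\r\n\r\n",
]

def parse_request(raw):
    """Split a raw HTTP/1.x request into (method, path, headers) or None."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    parts = lines[0].split()
    if len(parts) < 2:
        return None  # not a parseable request line
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            # Header names are case-insensitive, so normalise before matching.
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return parts[0].upper(), parts[1], headers

def check_request(raw):
    """Return a finding dict if the routing-expression header is present."""
    parsed = parse_request(raw)
    if parsed is None:
        return None
    method, path, headers = parsed
    values = headers.get(ROUTING_HEADER)
    if not values:
        return None
    return {
        "method": method,
        "path": path,
        "header_count": len(values),
        # The detection text describes an HTTP POST carrying this header.
        "post_with_header": method == "POST",
    }

def scan(requests):
    """Check every request and keep only the findings."""
    return [f for f in map(check_request, requests) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLES):
        print(finding)
```

Matching on the lowercased header name matters because HTTP header names are case-insensitive, so a literal string match on the lowercase form alone would miss the second sample.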