| ID | 51352 |
| Created | Mar 30, 2022 |
| Updated | May 13, 2022 |
| Outbreak Alert | Spring4Shell Vulnerability 2022 Annual Report |
| Severity |
|
| Default Action | drop |
| Affected OS | Windows, Linux, MacOS |
| Affected App | Other |
Update History
| Date | Version | Detail |
|---|---|---|
| 2022-05-16 | 20.316 | Sig Added |
| 2022-05-02 | 20.307 | Sig Added |
| 2022-03-31 | 20.289 |
Refine Search
Threat Encyclopedia
Spring.Framework.SerializationUtils.Insecure.Deserialization
Description
This indicates an attack attempt to exploit an Insecure Deserialization in Spring Framework.
The vulnerability is due to insufficient validation of user supplied inputs. Successful exploitation could result in remote code execution.
Affected Products
Spring Framework
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
The vendor has not released an advisory or patch regarding this vulnerability.
