Palo Alto Networks

Remote Code Execution

Prisma Cloud Mitigations for SpringShell and Recent Spring Vulnerabilities: CVE-2022-22963, CVE-2022-22965

In the past week, multiple vulnerabilities affecting the Spring Framework have been disclosed to the public. Among four vulnerabilities released since the beginning of March, CVE-2022-22965, which was uncovered on March 31, 2022, had the most critical impact and was dubbed SpringShell.

The SpringShell vulnerability allows attackers unauthenticated remote code execution (RCE) to affected systems. A full analysis of the SpringShell vul...

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.