Security Advisory - SA-2022-003 - "Spring4Shell" (... - Extreme Networks

Please be advised that SA-2022-003 has been published. This is a first in a series of "Spring4Shell" advisories.

Security Advisory Link: Security Advisory: SA-2022-003 – "Spring4Shell" (CVE-2022-22965) | Extreme Portal (force.com)

Summary:

A Spring MVC or Spring WebFlux application may be vulnerable to remote code execution (RCE) via data binding. You can find a list of all products and whether or not they are effected by this advisory in the article linked above.

6 Comments

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)

GTM-P2G8KFN

Extreme Networks

Security Advisory - SA-2022-003 - "Spring4Shell" (CVE-2022-22965)

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)