VMware patches RCE Spring4Shell vulnerability on a wide range of products
VMware has released a number of security updates to patch remote code execution for a dangerous vulnerability called Spring4Shell in the company's virtual machine and cloud products.
The list of products affected by Spring4Shell is posted by VMware in the security warning that the company has just posted. For unpatched products, VMware also provides a temporary fix.
At this point, users should follow the security guidelines because Spring4Shell is being actively exploited by hackers.
Spring4Shell is a remote code execution (RCE) vulnerability tracked under code CVE-2022-22965. This vulnerability resides in the Spring Core Java framework and can be exploited without authentication, with a severity rating of 9.8 out of 10.
Since Spring Framework is widely deployed for Java application development, security analysts are concerned about large-scale attacks targeting the Spring4Shell vulnerability.
Worse still, this exploit (PoC) method was shared on GitHub before the patches were released. Although it was immediately removed, this exploit method was shared everywhere on the internet.
This critical vulnerability affects Spring MVC and Spring WebFlux applications running on JDK 9+. To exploit requires the application to run on Tomcat as a WAR implementation although the exact limitations are still under investigation.
Below are the affected VMware products:
- VMware Tanzu Application Service for VMs - versions 2.10 to 2.13.
- VMware Tanzu Operation Manager - version 2.8 to 2.9.
- VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) - versions 1.11 to 1.13.
If you are using products with the above versions, you should update immediately to ensure that all vulnerabilities are fixed.
You should read it
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploiting
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Microsoft patches vulnerability in Windows AppX Installer being used to spread Emotet malware
- 12-year vulnerability in pkexec gives hackers root privileges on Linux
- Detected a serious zero-day vulnerability in Microsoft Office, click the document file and it will stick
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- What is VENOM Vulnerability? How can you protect yourself?
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterprises
- Detects a vulnerability that threatens all Windows computers shipped from 2012 up to now
- Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackers
- Steps to fix PrintNightmare vulnerability on Windows 10
Maybe you are interested
What is PetitPotam Attack? How to overcome PetitPotam attack The Microsoft MSERT tool can find web shells related to the Exchange Server attack campaign Many encrypted SSDs can be decoded without a password Wsreset tool of Windows 10 Store was used by hackers to bypass anti-virus software The CredSSP vulnerability in the RDP protocol affects all versions of Windows Detects two serious vulnerabilities on uTorrent that can help hackers execute malicious code or view download history on your computer