Vulnerability Name:

CVE-2022-22950 (CCN-223096)

Assigned:2022-03-28
Published:2022-03-28
Updated:2022-06-22
Summary:n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.
CVSS v3 Severity:6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.4 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-770
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2022-22950

Source: XF
Type: UNKNOWN
spring-framework-cve202222950-dos(223096)

Source: CCN
Type: VMware Tanzu Web site
CVE-2022-22950: Spring Expression DoS Vulnerability

Source: MISC
Type: Mitigation, Vendor Advisory
https://tanzu.vmware.com/security/cve-2022-22950

Source: CCN
Type: ICSA-22-286-05
Hitachi Energy Lumada Asset Performance Management Prognostic Model Executor Service

Source: CCN
Type: IBM Security Bulletin 6570915 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6570949 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data is affected by a remote code execution in Spring Framework (CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6573715 (Watson Explorer)
Vulnerability exists for Spring Framework in Watson Explorer (CVE-2021-22060, CVE-2022-22965, CVE-2022-22950)

Source: CCN
Type: IBM Security Bulletin 6579161 (Tivoli Monitoring)
IBM Tivoli Monitoring is affected but not classified as vulnerable by a denial of service in Spring Framework (CVE-2022-22950)

Source: CCN
Type: IBM Security Bulletin 6579613 (Planning Analytics Workspace)
IBM Planning Analytics Workspace is affected by multiple vulnerabilities (CVE-2022-22950, XFID:217968)

Source: CCN
Type: IBM Security Bulletin 6583815 (Watson Assistant for Cloud Pak for data)
IBM Watson Assistant for IBM Cloud Pak for Data is affected but not classified as vulnerable to a denial of service in Spring Framework (CVE-2022-22950)

Source: CCN
Type: IBM Security Bulletin 6585760 (Tivoli Application Dependency Discovery Manager)
A vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2022-22950, CVE-2021-22096, CVE-2022-22968, CVE-2021-22060).

Source: CCN
Type: IBM Security Bulletin 6590869 (SPSS Collaboration and Deployment Services)
Multiple vulnerabilities in Spring Framework affect SPSS Collaboration and Deployment Services

Source: CCN
Type: IBM Security Bulletin 6591145 (Common Licensing)
IBM Common Licensing is vulnerable by a remote code attack in Spring Framework (CVE-2021-22096,CVE-2021-22060,CVE-2022-22950,CVE-2022-22968)

Source: CCN
Type: IBM Security Bulletin 6591499 (Watson Speech Services Cartridge for Cloud Pak for Data)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to improper input validation in Spring Framework (CVE-2022-22950)

Source: CCN
Type: IBM Security Bulletin 6592807 (MaaS360)
IBM MaaS360 Cloud Extender Agent, Mobile Enterprise Gateway and VPN module have multiple vulnerabilities (CVE-2021-22060, CVE-2022-22950, CVE-2022-0547, CVE-2022-0778, CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6593861 (Db2 Web Query for i)
Due to use of Spring Framework, IBM Db2 Web Query for i is vulnerable to unprotected fields (CVE-2022-22968), remote code execution (CVE-2022-22965), and denial of service (CVE-2022-22950).

Source: CCN
Type: IBM Security Bulletin 6593865 (Watson Speech Services Cartridge for Cloud Pak for Data)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service, caused by improper input validation with Spring Framework (CVE-2022-22950).

Source: CCN
Type: IBM Security Bulletin 6598419 (QRadar SIEM)
IBM QRadar SIEM is affected by a remote code execution in Spring Framework (CVE-2022-22963, CVE-2022-22965, CVE-2022-22950)

Source: CCN
Type: IBM Security Bulletin 6602625 (i Modernization Engine for Lifecycle Integration)
IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6829591 (Sterling B2B Integrator)
IBM Sterling B2B Integrator vulnerable due to Spring Framework (CVE-2021-22096, CVE-2022-22950)

Source: CCN
Type: IBM Security Bulletin 6841803 (Cognos Controller)
IBM Cognos Controller has addressed multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7001553 (Tivoli Netcool Configuration Manager)
[All] Spring Framework - CVE-2022-22950 (Publicly disclosed vulnerability)

Source: CCN
Type: IBM Security Bulletin 7005485 (Cloud Pak for Network Automation)
Cloud Pak for Network Automation 2.5.0 fixes multiple security vulnerabilities

Vulnerable Configuration:Configuration 1:
  • cpe:/a:vmware:spring_framework:*:*:*:*:*:*:*:* (Version < 5.2.20)
  • OR cpe:/a:vmware:spring_framework:*:*:*:*:*:*:*:* (Version >= 5.3.0 and < 5.3.17)

  • Configuration CCN 1:
  • cpe:/a:pivotal_software:spring_framework:5.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.13:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.15:*:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:5.3.16:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool_configuration_manager:6.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:11.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_explorer:12.0.3:*:deep_analytics:*:analytical_components:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:watson_discovery:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.1.0:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:planning_analytics_workspace:2.0:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    vmware spring framework *
    vmware spring framework *
    pivotal_software spring framework 5.3.0
    pivotal_software spring framework 5.3.1
    pivotal_software spring framework 5.3.2
    pivotal_software spring framework 5.3.3
    pivotal_software spring framework 5.3.4
    pivotal_software spring framework 5.3.5
    pivotal_software spring framework 5.3.6
    pivotal_software spring framework 5.3.7
    pivotal_software spring framework 5.3.8
    pivotal_software spring framework 5.3.9
    pivotal_software spring framework 5.3.10
    pivotal_software spring framework 5.3.11
    pivotal_software spring framework 5.3.12
    pivotal_software spring framework 5.3.13
    pivotal_software spring framework 5.3.14
    pivotal_software spring framework 5.3.15
    pivotal_software spring framework 5.3.16
    ibm tivoli monitoring 6.3.0
    ibm watson explorer 11.0.0
    ibm watson explorer 11.0.1
    ibm tivoli netcool configuration manager 6.4.2
    ibm watson explorer 11.0.2
    ibm spss collaboration and deployment services 8.0
    ibm spss collaboration and deployment services 8.1
    ibm spss collaboration and deployment services 8.1.1
    ibm qradar security information and event manager 7.3
    ibm tivoli monitoring 6.3.0.7
    ibm watson explorer 12.0.0
    ibm sterling b2b integrator 6.0.0.0
    ibm watson explorer 12.0.1
    ibm watson explorer 12.0.2
    ibm cognos controller 10.4.0
    ibm cognos controller 10.4.1
    ibm watson discovery 2.0.0
    ibm watson explorer 12.0.3
    ibm tivoli application dependency discovery manager 7.3.0.0
    ibm spss collaboration and deployment services 8.2
    ibm spss collaboration and deployment services 8.2.1
    ibm qradar security information and event manager 7.4 -
    ibm cognos controller 10.4.2
    ibm sterling b2b integrator 6.1.0.0
    ibm watson discovery 2.2.1
    ibm sterling b2b integrator 6.1.1.0
    ibm planning analytics workspace 2.0