Hi Wenxuan,

Thanks for the post. I spoke to Daniel Johnston from our Threat Research team, who are working on this vulnerability. Here is his update:

As far as we are aware from the information available, there are two separate RCE vulnerabilities relating to the Spring Framework. The first relates to the Spring Cloud module, and is now being tracked under CVE ID CVE-2022-22963. From the information available it appears that the exploits are blocked OOTB by both Cloud WAF and On-Prem WAF; however, we are continuing to monitor closely. The second relates to Spring Core, and as yet is not being tracked by a CVE. There is still little information available; however, from our initial analysis we believe that this will be blocked out of the box by our existing Java deserialization ruleset. We are continuing to monitor the situation closely as it unfolds.

I hope this helps. I will update as I have more info. In the meantime, you may find this webinar interesting. It looks at how our Threat Research and Support teams work together to protect our customers and provides tips on steps you can take to keep on top of the information we push out on the subject. Daniel Johnston and Stefan Pynappels are the presenters: Webinar Recording: Log4j, Imperva and You

Thanks,
Hi Ahmet,

I have requested an update from our Threat Research team and will update ASAP.
My understanding is that the Java zero-day called "SpringShell" is blocked by On-Prem WAF, Cloud WAF and RASP by default, so no rule changes or policies are required. However, the team continue to monitor this, so do keep checking in with this thread. I understand the team are working on a communication on this.

Thanks,
Hi All,

Thanks for your patience. Keep an eye on this blog post for the official update from Imperva. This post will be updated:
Imperva Protects from New Spring Framework Zero-Day Vulnerabilities | Imperva
Hi All,

Manual mitigation steps are now available here:

Manual Mitigation for CVE-2022-22963 and CVE-2022-22965 - Spring Framework Vulnerabilities (imperva.com)

I hope this helps @Seb Man @Louis Tsoi @Ahmet Ufuk Culfa @Wenxuan Ma

Let us know how it goes.
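The thread links to Imperva's manual mitigation page but does not reproduce any of the steps. For readers who want the application-side workaround independent of the WAF, the block below is an added example, not code from the thread, from Imperva, or from the linked page. It is the data-binder workaround that the Spring team published for CVE-2022-22965: a global `@ControllerAdvice` whose `@InitBinder` method denies binding of any request parameter that walks through a `class`/`Class` property path, which is the path the known exploit uses to reach `ClassLoader` and write a JSP web shell. The class name `BinderControllerAdvice` is an arbitrary choice here; the annotations and `WebDataBinder.setDisallowedFields` are real Spring MVC APIs. The real fix is upgrading to Spring Framework 5.3.18 / 5.2.20 or later; this advice only reduces exposure while that is pending.

```java
// Added example: Spring's published application-side workaround for CVE-2022-22965.
// Not code from the thread or from Imperva. Class name is an arbitrary assumption.
package com.example.security;   // hypothetical package

import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.InitBinder;

/**
 * Registers a deny-list on every WebDataBinder in the application.
 *
 * Spring MVC binds request parameters onto @ModelAttribute objects by property
 * path (e.g. "name", "address.city"). The CVE-2022-22965 exploit abuses that by
 * supplying paths such as
 *   class.module.classLoader.resources.context.parent.pipeline.first.pattern
 * to reach Tomcat's AccessLogValve through java.lang.Class. Refusing any path that
 * contains a "class" / "Class" segment closes that route for every controller.
 *
 * LOWEST_PRECEDENCE makes this advice run after any controller-local @InitBinder,
 * so a controller that calls setDisallowedFields itself does not silently
 * overwrite this list (setDisallowedFields replaces, it does not append).
 */
@ControllerAdvice
@Order(Ordered.LOWEST_PRECEDENCE)
public class BinderControllerAdvice {

    // Patterns are matched against the full nested property path, so "*.class.*"
    // catches "foo.class.module..." as well as the top-level "class.module...".
    private static final String[] DENYLIST = {
        "class.*", "Class.*", "*.class.*", "*.Class.*"
    };

    @InitBinder
    public void setDisallowedFields(WebDataBinder dataBinder) {
        dataBinder.setDisallowedFields(DENYLIST);
    }
}
```

Caveat for anyone relying on this rather than the version upgrade: a controller that declares its own `@InitBinder` and calls `setDisallowedFields` with a different list replaces the binder's deny-list for that controller, which is why the advice is ordered last; if you have such controllers, include these four patterns in their own lists too. Binding done outside Spring MVC's `WebDataBinder` (for example a hand-built `BeanWrapper`) is not covered by this advice at all.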