Kolbe Corp

On March 29th, 2022, information was disclosed to the public regarding a zero-day exploit of the Spring Framework remote code execution (RCE) vulnerability. This vulnerability affects applications running on JDK v9 or above paired with Apache Tomcat as the servlet container in a WAR package and use of Spring Framework dependencies, specifically spring-webmvc and/or spring-webflux. 

While our servers do not leverage the Spring Framework, we are evaluating and monitoring our servers nonetheless in case it is leveraged by a third party application. We will continue to keep you posted regarding the status of this vulnerability as more information is released about this exploit. 

For more information regarding this exploit: 

<a href="https://tanzu.vmware.com/security/cve-2022-22965" rel="nofollow noopener noreferrer" target="_blank">https://tanzu.vmware.com/security/cve-2022-22965</a>

<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-22965" rel="nofollow noopener noreferrer" target="_blank">https://nvd.nist.gov/vuln/detail/CVE-2022-22965</a>

Critical security vulnerability (CVE-2022-22965) in Spring4Shell (Spring Framework)

Vulnerability CVE-2022-22965 Release

Copyright Kolbe Corp

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you