Skip to content

Instantly share code, notes, and snippets.

@SwitHak
Last active September 2, 2024 22:32
Show Gist options
  • Save SwitHak/0be6e857174d6ba2a6973f9ff9030c94 to your computer and use it in GitHub Desktop.
Save SwitHak/0be6e857174d6ba2a6973f9ff9030c94 to your computer and use it in GitHub Desktop.
BlueTeam CheatSheet * Spring4Shell* | Last updated: 2022-04-16 1722 UTC

Security Advisories / Bulletins / vendors Responses linked to Spring4Shell (CVE-2022-22965)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

0-9

A

Atlassian

B

Broadcom

C

Cisco

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

VMware

W

X

Y

Z

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
@bynt
Copy link

bynt commented Apr 7, 2022

@bynt
Copy link

bynt commented Apr 7, 2022

@bynt
Copy link

bynt commented Apr 11, 2022

@bynt
Copy link

bynt commented Apr 11, 2022

https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631499/ReleaseNotes#4.1.6-(March-31,-2022)

-> Seems this link is more generic : https://community.developer.atlassian.com/t/attention-cve-2022-22965-spring-framework-rce-investigation/57172 What is different from yours? Thanks, S.H.

This is for the SSO solution Shibboleth (Identity Provider). They did not manage to make the PoC work on this product, but decided to publish an update including Spring Framework 5.3.18 anyway.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment