Return
-
Title
Impact of CVE-2022-22965 and CVE-2022-22963 Spring4Shell vulnerabilities -
Description
A critical vulnerability was recently discovered related to systems/software that run Spring MVC or Spring WebFlux application on JDK 9+
More information about this vulnerability can be found here National Vulnerability Database - CVE-2022-22965 (nist.gov) and here National Vulnerability Database - CVE-2022-22963 (nist.gov) -
Cause
-
Resolution
These vulnerabilities were discovered in the Java Spring Framework and its Spring Cloud Function component, respectively, and DR Series appliances and QoreStor do not use these components, therefore they are not affected.