CVE-2010-1622: Apache Spring Framework Remote Code Execution
Severity: 6.0 (MEDIUM)
Description

SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.

INFO

Published Date: June 21, 2010, 4:30 p.m.
Last Modified: Feb. 13, 2023, 4:17 a.m.
Remotely Exploitable: Yes
Impact Score: 6.4
Exploitability Score: 6.8

Public PoC/Exploit Available at GitHub

CVE-2010-1622 has 20 public PoCs/exploits available on GitHub. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by the CVE-2010-1622 vulnerability. Although cvefeed.io is aware of the exact product versions that are affected, that information is not represented in the table below.

ID  Vendor        Product
1   Oracle        fusion_middleware
1   Springsource  spring_framework

We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proof-of-concepts that have been published on GitHub, sorted by most recently updated.

A centralized repository of standalone security patches for open source libraries.

Topics: appsec backport cve devsecops fix hotfix open-source patch protection remediation seal security update upgrade vulnerability

Updated: 2 months, 3 weeks ago
182 stars, 0 forks, 0 watchers
Created: July 30, 2023, 4:46 p.m. This repo is linked to 265 different CVEs.

The project describes how a security analyst in the Security Operations Center responds to, mitigates and analyzes a malware attack and handles the incident postmortem.

Updated: 1 year, 4 months ago
0 stars, 0 forks, 0 watchers
Created: May 18, 2023, 9:11 p.m. This repo is linked to 1 CVE.

(no description)

Languages: Shell

Updated: 1 week, 4 days ago
3 stars, 2 forks, 2 watchers
Created: March 23, 2023, 4:32 a.m. This repo is linked to 435 different CVEs.

Demonstrable Proof of Concept Exploit for Spring4Shell Vulnerability (CVE-2022-22965)

Topics: cve-2022-22965 spring4shell exploit-poc

Languages: Python

Updated: 2 months, 3 weeks ago
1 star, 0 forks, 0 watchers
Created: March 12, 2023, 5:37 p.m. This repo is linked to 2 different CVEs.

cve-2010-1622 Learning Environment

Languages: Dockerfile, Java

Updated: 1 year, 7 months ago
1 star, 0 forks, 0 watchers
Created: Jan. 11, 2023, 3:37 a.m. This repo is linked to 1 CVE.

Spring-CVE-2010-1622

Languages: Java

Updated: 1 year, 8 months ago
0 stars, 0 forks, 0 watchers
Created: Dec. 5, 2022, 2:28 a.m. This repo is linked to 1 CVE.

(no description)

Updated: 2 years, 1 month ago
0 stars, 0 forks, 0 watchers
Created: Aug. 13, 2022, 3:33 p.m. This repo is linked to 1 CVE.

CVE-2022-22965 Spring4Shell research & PoC

Topics: cve-2022-22965 spring-framework spring4shell spring4shell-poc

Languages: Python, Dockerfile, Java

Updated: 1 year, 2 months ago
1 star, 1 fork, 1 watcher
Created: May 19, 2022, 11:16 p.m. This repo is linked to 2 different CVEs.

(no description)

Languages: Java

Updated: 2 years, 4 months ago
0 stars, 0 forks, 0 watchers
Created: April 29, 2022, 9:58 a.m. This repo is linked to 2 different CVEs.

A write-up for the SecDojo Spring4shell lab.

Languages: Shell

Updated: 7 months, 3 weeks ago
3 stars, 2 forks, 2 watchers
Created: April 14, 2022, 1:10 a.m. This repo is linked to 2 different CVEs.

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

Languages: Python

Updated: 1 month ago
2 stars, 2 forks, 2 watchers
Created: April 5, 2022, 8:34 p.m. This repo is linked to 2 different CVEs.

Spring has confirmed the RCE in Spring Framework. The team has just published the statement along with the mitigation guides for the issue. Now, this vulnerability can be tracked as CVE-2022-22965.

Updated: 1 year, 4 months ago
1 star, 0 forks, 0 watchers
Created: April 5, 2022, 9:35 a.m. This repo is linked to 2 different CVEs.

RCE vulnerability in Spring Framework via Data Binding on JDK 9+ (CVE-2022-22965 aka "Spring4Shell")

Topics: cve-2022-22965 spring-framework spring4shell wazuh vulnerability

Languages: Dockerfile, Java, Python

Updated: 2 years, 4 months ago
6 stars, 3 forks, 3 watchers
Created: March 31, 2022, 4:14 p.m. This repo is linked to 3 different CVEs.

Threat Intelligence on Zero-Day for Spring4Shell (CVE-2010-1622)

Updated: 2 years, 5 months ago
0 stars, 0 forks, 0 watchers
Created: March 31, 2022, 2:25 p.m. This repo is linked to 1 CVE.

CVE-2022-22965 - CVE-2010-1622 redux

Topics: cve-2022-22965 cve-2010-1622 springshell spring4shell

Languages: Dockerfile, Python, Java

Updated: 1 month ago
19 stars, 10 forks, 10 watchers
Created: March 31, 2022, 8:06 a.m. This repo is linked to 2 different CVEs.

Results are limited to the first 15 repositories due to potential performance issues.

The following list contains news articles that mention the CVE-2010-1622 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2010-1622 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected], May. 14, 2024
    (no field changes listed)
  • CVE Modified by [email protected], Feb. 13, 2023
    Changed Description
      Old: CVE-2010-1622 SpringSource Spring Framework (x < 2.5.6.SEC02, 2.5.7.SR01, 3.0.3): Arbitrary Java code execution via an HTTP request containing a specially-crafted .jar file
      New: SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
    Removed CVSS V2 Metadata: Victim must voluntarily interact with attack mechanism
    Removed CVSS V2: Red Hat, Inc. (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Removed Reference: https://access.redhat.com/errata/RHSA-2011:0175 [No Types Assigned]
    Removed Reference: https://access.redhat.com/security/cve/CVE-2010-1622 [No Types Assigned]
    Removed Reference: https://bugzilla.redhat.com/show_bug.cgi?id=606706 [No Types Assigned]
  • CVE Modified by [email protected], Feb. 02, 2023
    Changed Description
      Old: SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
      New: CVE-2010-1622 SpringSource Spring Framework (x < 2.5.6.SEC02, 2.5.7.SR01, 3.0.3): Arbitrary Java code execution via an HTTP request containing a specially-crafted .jar file
    Added CVSS V2: Red Hat, Inc. (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Added Reference: https://bugzilla.redhat.com/show_bug.cgi?id=606706 [No Types Assigned]
    Added Reference: https://access.redhat.com/errata/RHSA-2011:0175 [No Types Assigned]
    Added Reference: https://access.redhat.com/security/cve/CVE-2010-1622 [No Types Assigned]
  • CVE Modified by [email protected], Dec. 07, 2016
    Added Reference: http://www.securitytracker.com/id/1033898 [No Types Assigned]
  • CVE Modified by [email protected], Apr. 07, 2016
    Removed Reference: http://www.oracle.com/technetwork/topics/security/alerts-086861.html
    Added Reference: http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
  • Modified Analysis by [email protected], Nov. 05, 2015
    Added Evaluator Description: The previous CVSS assessment 5.1 (AV:N/AC:M/Au:N/C:P/I:P/A:P) was provided at the time of initial analysis based on the best available published information at that time. The score has been updated to reflect the impact to Oracle products per Oracle Critical Patch Update Advisory - October 2015 (http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html). Other products listed as vulnerable may or may not be similarly impacted.
    Changed CPE Configuration
      Old: Configuration 1 OR *cpe:2.3:a:springsource:spring_framework:2.5.0:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.1:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.2:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.3:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.4:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.5:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.6:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.7:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:3.0.2:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:3.0.1:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:3.0.0:*:*:*:*:*:*:*
      New: Configuration 1 OR *cpe:2.3:a:oracle:fusion_middleware:7.6.2:*:*:*:*:*:*:* *cpe:2.3:a:oracle:fusion_middleware:11.1.1.6.1:*:*:*:*:*:*:* *cpe:2.3:a:oracle:fusion_middleware:11.1.1.8.0:*:*:*:*:*:*:*
           Configuration 2 OR *cpe:2.3:a:springsource:spring_framework:2.5.0:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.1:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.2:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.3:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.4:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.5:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.6:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:2.5.7:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:3.0.2:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:3.0.1:*:*:*:*:*:*:* *cpe:2.3:a:springsource:spring_framework:3.0.0:*:*:*:*:*:*:*
    Changed CVSS V2
      Old: (AV:N/AC:H/Au:N/C:P/I:P/A:P)
      New: (AV:N/AC:M/Au:S/C:P/I:P/A:P)
    Changed Reference Type: http://geronimo.apache.org/22x-security-report.html, No Types Assigned to Advisory
    Changed Reference Type: http://www.oracle.com/technetwork/topics/security/alerts-086861.html, No Types Assigned to Advisory
    Changed Reference Type: http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html, No Types Assigned to Advisory
    Changed Reference Type: http://geronimo.apache.org/21x-security-report.html, No Types Assigned to Advisory
  • CVE Modified by [email protected], Oct. 23, 2015
    Added Reference: http://www.oracle.com/technetwork/topics/security/alerts-086861.html
  • Initial Analysis by [email protected], Jun. 22, 2010
    (no field changes listed)
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2010-1622 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2010-1622 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

Score: 3.16 (-0.48%)
Percentile: 0.91259

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability