How Does CFW Detect and Defend Against Attacks Exploiting the Spring Framework Remote Code Execution Vulnerability?
Spring Framework is a lightweight open-source application framework for developing enterprise Java applications. A remote code execution vulnerability (CVE-2022-22965) was disclosed in the Spring framework and classified as critical. This vulnerability can be exploited to attack Java applications running on JDK 9 or later versions.
CFW can detect and intercept attacks that exploit the Spring Framework remote code execution vulnerability.
Vulnerability Name
Spring Framework remote code execution vulnerability
Affected Versions
- JDK 9 or later
- Applications developed using the Spring Framework or derived framework
Mitigation
- Log in to the CFW console and perform the following operations:
- Purchase the CFW standard edition. For details, see Purchasing CFW.
- Enable Basic protection on the Intrusion Prevention page and set Action to Block. For details, see Configuring Intrusion Prevention.
Troubleshooting FAQs
- How Do I Troubleshoot CFW Protection When Service Traffic Is Abnormal?
- Why Are Traffic and Attack Logs Incomplete on the Traffic Analysis Page?
- Why Does a Configured Policy Not Take Effect?
- What Do I Do If IPS Blocks Normal Services?
- What Do I Do If There Is No Data in Access Control Logs?
- How Does Huawei Cloud CFW Detect and Defend Against Attacks Exploiting the Apache Log4j Remote Code Execution Vulnerability?
- How Does CFW Detect and Defend Against Attacks Exploiting the Spring Framework Remote Code Execution Vulnerability?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
more