SAP Knowledge Base Article - Preview

3170743 - Spring4Shell: Zero-Day Vulnerability in Spring Framework on SAP Upscale

Symptom

A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework.
 
Spring is a software framework for building Java applications, including web apps on top of the Java EE (Enterprise Edition) platform.
 
Additional details of the flaw, dubbed "SpringShell" and "Spring4Shell," have been withheld to prevent exploitation attempts until the framework's maintainers, Spring.io, a subsidiary of VMware, have a fix in place. It has also yet to be assigned a Common Vulnerabilities and Exposures (CVE) identifier.


Product

SAP Upscale Commerce all versions

Keywords

Spring4Shell Spring Framework RCE Zero Day Zero-Day Vulnerability, KBA, CEC-USC, SAP Upscale Commerce, Problem

About this page

This is a preview of an SAP Knowledge Base Article. The full version is available on SAP for Me (login required).
