SAP Knowledge Base Article - Preview

3189815 - CVE-2022-22965 - Impact of the Spring Core Remote Code Execution vulnerability on SAP Cloud Portal Service (on Cloud Foundry & Neo Environment)

Symptom

You want to know whether your SAP Cloud Portal Services on the Cloud Foundry & Neo Environment are affected by the Spring Core Remote Code Execution vulnerability that is being exploited in the wild (SpringShell). See documentation: CVE-2022-22965.

  • Vulnerability CVE-2022-22965
  • How does this impact SAP Cloud Portal Service running on Cloud Foundry & Neo environment



Environment

Affected Software and Versions / Existing proofs of concept (PoCs) for exploitation work under the following conditions:

  • JDK 9 or higher
  • Apache Tomcat as the Servlet container
  • Packaged as a traditional WAR (in contrast to a Spring Boot executable jar)
  • spring-webmvc or spring-webflux dependency
  • Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions
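
The conditions listed above, checked against a WAR file's contents, as an added example (not SAP's or the Spring project's code). The function names, the constructed in-memory sample WAR, and treating the spring-webmvc/spring-webflux jar version as the Spring Framework version are assumptions; the JDK major version and servlet container are supplied by the caller.

```python
import io
import re
import zipfile

# Matches WEB-INF/lib/spring-webmvc-5.3.17.jar, spring-webflux-5.2.19.RELEASE.jar, ...
JAR_RE = re.compile(
    r"^WEB-INF/lib/(spring-(?:webmvc|webflux))-(\d+)\.(\d+)\.(\d+)[^/]*\.jar$")

def version_affected(version):
    """Ranges from the list above: 5.3.0-5.3.17, 5.2.0-5.2.19, and older."""
    major, minor, patch = version
    if (major, minor) == (5, 3):
        return patch <= 17
    if (major, minor) == (5, 2):
        return patch <= 19
    return (major, minor) < (5, 2)  # "and older versions"

def check_war(war_bytes, jdk_major, container):
    """Map each listed condition to True/False for one deployment."""
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        names = war.namelist()
    hits = [m for m in map(JAR_RE.match, names) if m]
    versions = [tuple(int(x) for x in m.groups()[1:]) for m in hits]
    conditions = {
        "jdk9_or_higher": jdk_major >= 9,
        "tomcat_container": container.lower() == "tomcat",
        "war_packaging": any(n.startswith("WEB-INF/") for n in names),
        "spring_web_dependency": bool(hits),
        "affected_spring_version": any(version_affected(v) for v in versions),
    }
    conditions["all_conditions_met"] = all(conditions.values())
    return conditions

def build_sample_war(jar_names):
    """Constructed sample input: an empty WAR skeleton with the given jar names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        war.writestr("WEB-INF/web.xml", "<web-app/>")
        for jar in jar_names:
            war.writestr("WEB-INF/lib/" + jar, b"")
    return buf.getvalue()

if __name__ == "__main__":
    sample = build_sample_war(["spring-webmvc-5.3.17.jar"])
    for name, met in check_war(sample, jdk_major=11, container="Tomcat").items():
        print(f"{name}: {met}")
```

These are the conditions under which the existing PoCs work, so a result of `False` for `all_conditions_met` means the deployment does not match them, not that the Spring version in use is unaffected.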

Product

SAP Cloud Portal service 1.0; SAP Cloud Portal service 2.0

Keywords

CVE-2022-22965, CPP, CF, NEO, SAP Cloud Portal Service, Spring Core Remote Code Execution, SpringShell, KBA, EP-WZ-SM, Site Directory, Site Settings, Site Service, IAS Integration, EP-CPP-NEO-SFC, Launchpad Site and SAP Fiori Cloud, Problem

About this page

This is a preview of an SAP Knowledge Base Article. The full version is available on SAP for Me (login required).
