Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: Is Sensor Vulnerable to CVE-2022-22965 (Spring4Shell)?

EDR: Is Sensor Vulnerable to CVE-2022-22965 (Spring4Shell)?

Environment

  • EDR Server: All Versions
  • EDR Sensor: All Versions

Question

Is the EDR Sensor vulnerable to CVE-2022-22965 (Spring4Shell)?

Answer

No, this vulnerability does not affect any VMware EDR products.

Additional Notes

  • Fixes and workarounds suggested: Upgrade to Spring Framework 5.3.18 and 5.2.20 in the next release.
  • Additional URL discussing issue: 

Labels (1)
Tags (2)
Was this article helpful? Yes No
100% helpful (2/2)
Article Information
Author:
Creation Date:
‎04-11-2022
Views:
198
Contributors