Microsoft has uncovered a “low volume of exploit attempts” deploying Spring4Shell vulnerability exploits against its cloud infrastructure.
Spring4Shell is an RCE vulnerability that has been identified as CVE-2022-22965 and affects the Spring Framework.
Attackers can exploit the vulnerability by sending specially crafted queries to servers running the Spring Core framework to create web shells in the Tomcat root directory.
Hackers can exploit the vulnerability to execute commands on the compromised server.
However, Microsoft said that it has not yet seen “any impact to the security of our enterprise services and have not experienced any degraded service availability due to this vulnerability.”
Although the bug only affects systems with certain configurations, Microsoft explained that “any system using JDK 9.0 or later and using the Spring Framework or derivative frameworks should be considered vulnerable.”
Admins are advised to check that their servers are vulnerable to Spring4Shell attacks by issuing a non-malicious command.