Refer to the following publications for more information:Ĭritical / 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)Ī request binding flaw in the Spring Framework allows a remote unauthenticated attacker to send malicious HTTP requests and execute arbitrary code on the target system. Multiple Symantec products can detect and provide protection against attacks exploiting CVE-2022-22965 in customer environments.
Threat Defense for Active Directory (TDAD) Symantec VIP Authentication Hub (separate from Symantec VIP) Symantec Protection for SharePoint Servers (SPSS) Symantec Privileged Access Manager Server Control Symantec Mail Security for Microsoft Exchange (SMSMSE) Symantec Identity Governance and Administration
Symantec Endpoint Protection (SEP) for Mobile Symantec Endpoint Detection and Response (EDR) On-premise Industrial Control System Protection (ICSP) The following products are not vulnerable:Ĭloud Workload Protection for Storage (CWP:S)ĬloudSOC Cloud Access Security Broker (CASB) Upgrade to 3.6.2.6, available on the Support Downloads portal.
Upgrade to 14.3 RU4 and run LiveUpdate to download Symantec Endpoint Protection Manager API 14.3 RU4 content revision r16 or newer.Īpply the 6.9.1 b532 Server Update (Server_DCS691_b532.zip) available on the Support Downloads portal.Īpply the 8.0.2 b81 Server Update (SCSP_8.0.2_Server_Refresh.zip) available on the Support Downloads portal. The following products and product versions are affected. When exploited, the vulnerability allows an unauthenticated attacker to execute arbitrary code on the target system. Symantec is investigating CVE-2022-22965, aka Spring4Shell, which is an RCE vulnerability in the Spring Framework.