Spring4Shell Attack Surface Monitoring

Spring Framework Remote Code Execution

On March 29th 2022, a remote code execution 0-day was discovered in Spring Framework version < 5.2.20 and 5.3.x < 5.3.18. The CVE-2022-22965 has been assigned to it.

Which of your web applications use Spring Framework?

Purplemet helps you detect web applications using the Spring framework. Once you know which web applications are using Spring, you can conduct investigations and check if Spring Framework is up to date or provide mitigation measures to avoid exploitation of the vulnerability.