Spring4Shell is the nickname given to a zero-day vulnerability in the Spring Core Framework, a programming and configuration model for Java-based enterprise applications.
- Product: Splunk Enterprise, Splunk Enterprise Security, Splunk Cloud
- Datamodel: Endpoint, Web
- Last Updated: 2022-04-05
- Author: Michael Haag, Splunk
- ID: dcc19913-6918-4ed2-bbba-a6b484c10ef4
An attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server. However, exploitation of Spring4Shell requires certain prerequisites, whereas the original Log4Shell vulnerability affected all versions of Log4j 2 using the default configuration.
According to Spring, the following requirements were included in the vulnerability report; however, the post cautions that there may be other ways in which the flaw can be exploited, so this may not be a complete list of requirements at this time:
- Java Development Kit (JDK) 9 or greater
- Apache Tomcat as the Servlet container
- Packaged as a WAR
- spring-webmvc or spring-webflux dependency
- Version: 1