CVE-2022-27772 Spring Boot versions 2.2.11 was vulnerable to temp directory hijacking.
For more information, see Trend Micro's knowledge base: https://support.trendmicro.com/hc/en-u/articles/20360188-How-can-I-prevent-spring-boot-vulnerabilities. We recommend upgrading to Spring Boot v2.2.11.RELEASE or later.
Trend Micro™ Deep Discovery and Browser Trackers
Trend Micro released a new product, called Deep Discovery and Browser Trackers (CVE-2022-27772), that helps organizations block attacks before they reach your network. It is a potential threat detection solution which uses an advanced pool of machine learning models to detect, analyze and automatically prevent targeted attacks. Once in the field, it not only detects threats but also provides recommendations on how to mitigate them.
Check for the latest version of Spring Boot
Spring Boot Vulnerabilities: How can I prevent them? For more information, see Trend Micro's knowledge base: https://support.trendmicro.com/hc/en-u/articles/20360188-How-can-I-prevent-spring-boot-vulnerabilities. We recommend upgrading to Spring Boot v2.2.11.RELEASE or later.
What is Spring Boot?
Spring Boot is a fast, production-ready way to build a stand-alone or service-oriented enterprise application in Java. Spring Boot automatically handles the tedious work of setting up an application server and managing stack traces, which frees developers to focus on their code. Spring Boot helps you develop applications faster, with less code.
Timeline
Published on: 03/30/2022 18:15:00 UTC
Last modified on: 04/07/2022 15:38:00 UTC