ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Spring4Shell ZERO-day exploit CVE-2022-22963 and CVE-2022-22965 vulnerability for CA Process Automation (ITPAM)


Article ID: 238517


Updated On:


CA Process Automation Base


Two CVE’s for New Spring4Shell Zero-Day Vulnerability:

- CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression

 - CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+


Is CA Process Automation (ITPAM) impacted by this vulnerability?


CA Process Automation (ITPAM) is not impacted by Spring Vulnerabilities: CVE-2022-22963 CVE-2022-22965