Two CVE’s for New Spring4Shell Zero-Day Vulnerability:
- CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression
- CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
Is CA Configuration Automation impacted by this vulnerability?
CA Configuration Automation is not vulnerable to Spring4Shell ZERO-day exploit CVE-2022-22963 and CVE-2022-22965