search cancel

Spring4Shell ZERO-day exploit CVE-2022-22963 and CVE-2022-22965 vulnerability for CA Test Data Manager


Article ID: 238522


Updated On:


CA Test Data Manager (Data Finder / Grid Tools)


Two CVE’s for New Spring4Shell Zero-Day Vulnerability:

- CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression

 - CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+


Is CA Test Data Manager impacted by this vulnerability?


The Broadcom Agile Operations CA Test Data Manager Development team is investigating, and an update will be made available April 4th.

This advisory will be updated as we identify and publish solutions.