Another zero-day vulnerability surfaced on Tuesday, March 29, 2022. This is the latest in a steady stream of similar Remote Code Execution (RCE) and injection vulnerabilities. At the end of 2021, we saw the infamous Log4Shell security incident (CVE-2021-44228). More recently, the Spring Cloud Gateway code injection vulnerability surfaced (CVE 2022-22947). Now Application Security teams have to sort through the latest zero-day, an RCE that has been dubbed Spring4Shell.
In this webinar Contrast Labs will review the latest details of Spring4Shell. Topics to be discussed include:
- The most up-to-date information Contrast Labs has on Spring4Shell
- Confirmation that Spring4Shell is exploitable
- Immediate protection recommendations
- How to protect yourself now and going forward
- How Contrast can help
