
Time to take action to protect your software supply chain against Spring4shell (also dubbed Springshell), the latest zero-day vulnerability uncovered on March 30th.

The Remote Code Execution (RCE) exploit in Spring4shell affects any application that uses Spring Framework, one of the most popular frameworks in Java. After an update to JDK9 caused a once-patched vulnerability to reemerge, we are just waiting for the vulnerability to be exploited in the wild. The danger and alarm of Spring4shell echoes Log4j when it comes to the low skill level required to execute an attack.

Comparable to the Struts vulnerability that caused the Equifax breach of 2017, this is just the beginning as the story still unfolds. Get the opportunity to ask questions and learn more as we cover everything you need to know now about Spring4shell.

Join our Field CTO, Ilkka Turunen, as he discusses:

  • What exactly the Spring4shell vulnerability is

  • How to determine if you’re affected

  • Why the only path forward is a patch and what that patch looks like

  • How to protect yourself against similar 0-day open source vulnerabilities in the future

Katy Hiller
SVP Global Marketing
Ilkka Turunen
Field CTO

 

 
