SpEL Injection in Nepxion Discovery Commons Enables RCE
CVE-2022-23463 Published on September 24, 2022
SpEL Injection in Nepxion Discovery
Nepxion Discovery is a solution for Spring Cloud. Discover is vulnerable to SpEL Injection in discovery-commons. DiscoveryExpressionResolvers eval method is evaluating expression with a StandardEvaluationContext, allowing the expression to reach and interact with Java classes such as java.lang.Runtime, leading to Remote Code Execution. There is no patch available for this issue at time of publication. There are no known workarounds.
Vulnerability Analysis
CVE-2022-23463 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. An automatable proof of concept (POC) exploit exists. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and a small impact on availability.
Weakness Type
What is an EL Injection Vulnerability?
The software constructs all or part of an expression language (EL) statement in a Java Server Page (JSP) using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended EL statement before it is executed.
CVE-2022-23463 has been classified to as an EL Injection vulnerability or weakness.
Products Associated with CVE-2022-23463
Want to know whenever a new CVE is published for Nepxion Discovery? stack.watch will email you.
Affected Versions
Nepxion Discover:- Version 6.16.2, <= 6.16.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.