CM.com Response to zero-day in Spring Core Framework

On March 31st a severe vulnerability in the Spring Core Framework was discovered known as "Spring4Shell". With this post we would like to share with our customers how CM.com responded to this zero-day exploit.

CM.com

On 31-03-2022 CM.com became aware of two vulnerabilities (CVE-2022-22965 and CVE-2022-22963) in the Spring Core Framework. We would like to share with our customers how we've acted upon the zero-day vulnerability.

Our software is safe

We've completed a full platform analysis of all our software and third-party applications (as published by the Dutch National Cyber Security Center) and found no exposed risks. All related software libraries have been updated by our product teams. The CM.com Security team is continuously scanning our software and has intensified their network monitoring to flag any possible related exploit attempts.

Was this article interesting?
Share it!

Latest Articles

Mar 20, 2025 • Chatbots

Chatting with the Near Future: AI's New Role in the Customer Experience

AI innovations in customer service are emerging more rapidly than ever before, especially with the latest addition of Agentic AI and it’s AI Agents. We spoke with Roel Jansen, our Head of Commerce of our Engagement Platform, on how these AI advancements are transforming customer interactions and enhancing the experience. With Roel's expertise and vision, discover the future of customer service and what it means for businesses today. Whether you're an AI enthusiast or just curious about the future, you won't want to miss these engaging insights!

Dec 09, 2024 • Security

Introducing Your Customizable Verification Solution

In today's digital world, ensuring secure and convenient online interactions is more important than ever. Every business has unique needs when it comes to protecting their digital space and their customer interactions - and different needs require different solutions. That's why CM.com introduces "Build Your Own Verification" - flexible and customizable verification that can be tailored to your specific needs.

Nov 12, 2024 • Authentication

Mobile Identity Services: Know Your Users

Verifying online users and accounts has become indispensable in today's business landscape. You want to know who has access to your (online) services and data, but even if you couldn't care less, rules and regulations will definitely care! Whether it's to protect yourself and your customers from harm, or making sure you abide by the local law - making sure you know who the person on the other end of the internet is, is paramount.

Sep 11, 2024 • Security

Your One-Stop-Shop for Verification Services

Securing online accounts, data and users is a must in business today. At least, if you don't want to end up as the next security breach headliner in the papers. But simply implementing a bunch of security measures isn't always enough. Loose apps and services become vulnerable for fraud, and are often cost-inefficient. That's why we now offer a one-stop-shop to safely secure your business: the Verification API.

fraud-and-simplify-verification-processes-hero

Sep 04, 2024 • Security

Prevent Text Messaging Fraud and Simplify Verification Processes With Number Verify

Customer communication via text messaging has become an integral part of the modern business landscape. In recent years however, criminals have figured out that they can abuse SMS communication to scam both your business and your customers out of data and money. But not to worry, there's a new, convenient, and fast verification method that can help secure your online accounts: Number Verify!

Jun 06, 2024 • CM.com

Unlock Communication Excellence With CPaaS

Diving deeper into CM.com's CPaaS approach in empowering business users to unlock Communication Excellence - a guest article by Quadrant Knowledge Solutions, a global advisory and consulting firm focused on helping clients in achieving business transformation goals with Strategic Business and Growth advisory services.

Jun 05, 2024 • RCS

Protect Your Customers from Fraud With RCS Sender Verification

Cybercrime and spam messaging is on the rise. Criminals attempt to impersonate trusted businesses in the hopes of scamming loyal customers out of their personal details, login credentials, and even banking information. This damages the trust between customers and businesses. How can you tell which messages are legit, and which ones aren't? RCS Business offers verified sender profiles, helping customers identify official business accounts so they can engage with business communication with confidence.

Apr 22, 2024 • CM.com

Happy Clients, Happy Agents: the Platform Effect in Customer Service

As a member of the customer service team, you stand on the front lines of customer interaction every day. In a world where customers demand quick and personalized service, long wait times, impersonal responses, or worse, incorrect answers, can quickly drive a customer away. Your goal, however, is to connect customers with your organization and deliver the best answers and service possible. It’s incredibly satisfying to see a customer leave a conversation happier and eager to purchase your product. Your efforts can significantly enhance the customer experience, but you need the right tools to truly excel. Integrating these tools into a platform amplifies your capabilities and lets you experience the power of the platform effect.

Apr 18, 2024 • Security

Secure Your Business With SMS OTPs and Alerts

In the current digital era, technological and online advances are rapidly growing, creating new ways for businesses to engage their customers. Unfortunately, where there is growth, there will be criminals trying to steal some of the profits. Protecting business data, customer information, and online accounts is a priority for every modern business. SMS security can help protect your business and your customers from online fraud and cyber crime.