CM.com Response to zero-day in Spring Core Framework

On March 31st a severe vulnerability in the Spring Core Framework was discovered known as "Spring4Shell". With this post we would like to share with our customers how CM.com responded to this zero-day exploit.

CM.com

On 31-03-2022 CM.com became aware of two vulnerabilities (CVE-2022-22965 and CVE-2022-22963) in the Spring Core Framework. We would like to share with our customers how we've acted upon the zero-day vulnerability.

Our software is safe

We've completed a full platform analysis of all our software and third-party applications (as published by the Dutch National Cyber Security Center) and found no exposed risks. All related software libraries have been updated by our product teams. The CM.com Security team is continuously scanning our software and has intensified their network monitoring to flag any possible related exploit attempts.

Was this article interesting?
Share it!

Latest Articles

Apr 18, 2024 • Security

Secure Your Business With SMS OTPs and Alerts

In the current digital era, technological and online advances are rapidly growing, creating new ways for businesses to engage their customers. Unfortunately, where there is growth, there will be criminals trying to steal some of the profits. Protecting business data, customer information, and online accounts is a priority for every modern business. SMS security can help protect your business and your customers from online fraud and cyber crime.

customer lifetime value touch points in the journey blog explain

Oct 20, 2023 • Email

What Is DMARC and How Do You Implement It?

In our digital age, email threats loom large, with phishing and spoofing becoming increasingly sophisticated. DMARC is the powerful shield that businesses and individuals need. This authentication protocol ensures email integrity, safeguarding against domain impersonation and cyberattacks. In this article, we demystify DMARC, explaining its significance in bolstering email security.

messaging-fraud-and-prevention-for-businesses

Sep 25, 2023 • Security

Combat SMS Pumping (AIT) Fraud Effectively With CM.com

In this digital era, providing the optimal customer experience means connecting and engaging with your customers online on their favorite platforms and channels. Online (automated) customer engagement and A2P (application-to-person) messaging is bigger than ever, which unfortunately also means that messaging fraud is on the rise. Artificially Inflated Traffic (AIT) fraud has become an alarming issue in the telecommunications industry, but worry not! CM.com has built the perfect safeguard feature to protect your business endeavors from AIT fraud.

Sep 06, 2023 • Instant Messaging

A2P Messaging Fraud and Prevention for Businesses

Safeguarding company data against security threats should be on the top of the priorities list for every modern company. Especially since A2P, or application-to-person messaging fraud is on the rise. Read all about the different types of A2P fraud and what steps you can take to avoid being the next victim.

Sep 06, 2023 • Security

How to Protect Your Customers Against A2P Messaging Fraud

Protecting your data, and the data of your customers, is top priority for most modern companies. And it should be! Now that A2P (application-to-person) messaging is bigger than ever, A2P messaging fraud is also on the rise. As a business, you can protect yourself against threats by implementing certain security measures, but you're not the only target. Criminals will also attempt to scam or deceive your customers! Let's take a look at the types of A2P messaging fraud your customers can face, and what measures can be taken against them.

Sep 05, 2023 • Messaging

The Software Debate: DIY, CPaaS, or SaaS?

Every business wants to communicate with its customers, whether for marketing, support, or operational purposes. But to do so, you'll need a way to get in touch with your customers- a communications platform. You can build software from scratch, integrate third-party software into your own systems, or implement new software all together. Are you still pondering the correct approach for your business? Then let's figure it below!

Aug 07, 2023 • Authentication

Best Practices for Two-Factor Authentication (2FA)

Enhancing platform security and implementing Two-Factor Authentication (2FA) processes are crucial for organizations to protect business and customer data. However, these security measures only work when employees and customers are willing to adopt and adhere to them. So, how can your business ensure employee and customer adoption? In this blog, we'll dive into Two-Factor Authentication (2FA), its benefits and best practices to ensure adoption.

Jul 26, 2023 • Messaging

Introducing Our Global High Availability Endpoint for CPaaS

CM.com continuously innovates its enterprise-ready CPaaS (communications platform as a service) solution. The business messaging platform offers one simple connection for all channels and conversations and allows customers to connect to their end-users via their preferred channel, hassle-free.

Jun 19, 2023 • WhatsApp

WhatsApp Business One Time Passwords: What They Are and How to Use Them.

Chances are that you've received One Time Passwords (OTPs) before, often via SMS or email. But did you know that there might be an even better platform to send OTPs on? WhatsApp Business Platform allows you to send One Time Passwords on the favorite messaging channel of your customers, enhancing the customer experience and improving customer relations.