previous icon Back to blog
Platform

CM.com Response to zero-day in Spring Core Framework

On March 31st a severe vulnerability in the Spring Core Framework was discovered known as "Spring4Shell". With this post we would like to share with our customers how CM.com responded to this zero-day exploit. 

On 31-03-2022 CM.com became aware of two vulnerabilities (CVE-2022-22965 and CVE-2022-22963) in the Spring Core Framework. We would like to share with our customers how we've acted upon the zero-day vulnerability.

Our software is safe

We've completed a full platform analysis of all our software and third-party applications (as published by the Dutch National Cyber Security Center) and found no exposed risks. All related software libraries have been updated by our product teams. The CM.com Security team is continuously scanning our software and has intensified their network monitoring to flag any possible related exploit attempts.

is Product Manager at CM.com and helps companies to use communication technology and make a meaningful conversation with their audience.
Is this region a better fit for you?
Go
close icon