CVE-2022-22971

MEDIUM LAB

Spring Framework 5.2.0-5.2.20 and 5.3.0-5.3.19 - Authenticated Denial of Service via STOMP over WebSocket

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-22971. PoCs published by tchize.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-22971, demonstrating a Spring Framework vulnerability involving STOMP over WebSocket. It sets up a RabbitMQ instance with STOMP enabled and a Spring Boot application to exploit the vulnerability.

Description

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.

Exploits (1)

nomisec WORKING POC 1 stars

by tchize · poc

https://github.com/tchize/CVE-2022-22971

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2022-22971, demonstrating a Spring Framework vulnerability involving STOMP over WebSocket. It sets up a RabbitMQ instance with STOMP enabled and a Spring Boot application to exploit the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Spring Framework (versions affected by CVE-2022-22971)

No auth needed

Prerequisites: Docker installed · Java and Maven for building the Spring Boot application · Network access to the target

MITRE ATT&CK

T1189 - Drive-by Compromise T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Mitigation, Vendor Advisory x_refsource_misc

https://tanzu.vmware.com/security/cve-2022-22971

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpujul2022.html

Third Party Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20220616-0003/

Scores

CVSS v3 6.5

EPSS 0.0025

EPSS Percentile 48.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull rabbitmq:3.8-management

https://github.com/tchize/CVE-2022-22971

View in Library

Details

CWE

CWE-770

Status published

Products (6)

netapp/cloud_secure_agent

netapp/oncommand_insight

oracle/financial_services_crime_and_compliance_management_studio 8.0.8.2.0

oracle/financial_services_crime_and_compliance_management_studio 8.0.8.3.0

org.springframework/spring-messaging 5.3.0 - 5.3.20Maven

vmware/spring_framework 5.2.0 - 5.2.21

Published May 12, 2022

Tracked Since Feb 18, 2026