Add CVE-2022-22963 (#682)

RTann · RTann · commit 12fa878be939 · 2022-04-01T12:03:13.000-07:00
diff --git a/e2etests/testcase_test.go b/e2etests/testcase_test.go
@@ -3213,4 +3213,48 @@ var testCases = []testCase{
 			},
 		},
 	},
+	{
+		image:                   "docker.io/stackrox/sandbox:springboot-web-cloud-function-2.6.6",
+		registry:                "https://registry-1.docker.io",
+		username:                os.Getenv("DOCKER_IO_PULL_USERNAME"),
+		password:                os.Getenv("DOCKER_IO_PULL_PASSWORD"),
+		onlyCheckSpecifiedVulns: true,
+		source:                  "NVD",
+		namespace:               "alpine:v3.15",
+		expectedFeatures: []apiV1.Feature{
+			{
+				Name:          "spring-cloud-function-core",
+				VersionFormat: "JavaSourceType",
+				Version:       "3.2.2",
+				Vulnerabilities: []apiV1.Vulnerability{
+					{
+						Name:          "CVE-2022-22963",
+						Description:   "In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.",
+						Link:          "https://nvd.nist.gov/vuln/detail/CVE-2022-22963",
+						Severity:      "Critical",
+						Metadata: map[string]interface{}{
+							"NVD": map[string]interface{}{
+								"CVSSv3": map[string]interface{}{
+									"ExploitabilityScore": 3.9,
+									"ImpactScore":         5.9,
+									"Score":               9.8,
+									"Vectors":             "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+								},
+								"CVSSv2": map[string]interface{}{
+									"ExploitabilityScore": 0.0,
+									"ImpactScore":         0.0,
+									"Score":               0.0,
+									"Vectors":             "",
+								},
+							},
+						},
+						FixedBy: "3.2.3",
+					},
+				},
+				AddedBy:  "sha256:f26cc7bc44e4f9b8969a0a95040d484ab301b3e56d1fb1eda8a79bf7e089f24e",
+				Location: "app/demo-0.0.1-SNAPSHOT.war:WEB-INF/lib/spring-cloud-function-core-3.2.2.jar",
+				FixedBy:  "3.2.3",
+			},
+		},
+	},
 }
diff --git a/pkg/vulnloader/nvdloader/manual.go b/pkg/vulnloader/nvdloader/manual.go
@@ -297,6 +297,89 @@ var manuallyEnrichedVulns = map[string]*schema.NVDCVEFeedJSON10DefCVEItem{
 		LastModifiedDate: "2022-03-16T00:00Z",
 		PublishedDate:    "2022-03-16T00:00Z",
 	},
+	"CVE-2022-22963": {
+		CVE: &schema.CVEJSON40{
+			CVEDataMeta: &schema.CVEJSON40CVEDataMeta{
+				ID: "CVE-2022-22963",
+			},
+			DataFormat:  "MITRE",
+			DataType:    "CVE",
+			DataVersion: "4.0",
+			Description: &schema.CVEJSON40Description{
+				DescriptionData: []*schema.CVEJSON40LangString{
+					{
+						Lang:  "en",
+						Value: `In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.`,
+					},
+				},
+			},
+			References: &schema.CVEJSON40References{
+				ReferenceData: []*schema.CVEJSON40Reference{
+					{
+						Name: "https://tanzu.vmware.com/security/cve-2022-22963",
+					},
+				},
+			},
+		},
+		Configurations: &schema.NVDCVEFeedJSON10DefConfigurations{
+			CVEDataVersion: "4.0",
+			Nodes: []*schema.NVDCVEFeedJSON10DefNode{
+				{
+					CPEMatch: []*schema.NVDCVEFeedJSON10DefCPEMatch{
+						{
+							Cpe23Uri:              `cpe:2.3:a:apache:spring\-cloud\-function\-core:*:*:*:*:*:*:*:*`,
+							VersionEndExcluding:   "3.2.3",
+							VersionStartIncluding: "3.2.0",
+						},
+						{
+							Cpe23Uri:            `cpe:2.3:a:apache:spring\-cloud\-function\-core:*:*:*:*:*:*:*:*`,
+							VersionEndExcluding: "3.1.7",
+						},
+						{
+							Cpe23Uri:              `cpe:2.3:a:springframework:spring\-cloud\-function\-core:*:*:*:*:*:*:*:*`,
+							VersionEndExcluding:   "3.2.3",
+							VersionStartIncluding: "3.2.0",
+						},
+						{
+							Cpe23Uri:            `cpe:2.3:a:springframework:spring\-cloud\-function\-core:*:*:*:*:*:*:*:*`,
+							VersionEndExcluding: "3.1.7",
+						},
+						{
+							Cpe23Uri:              `cpe:2.3:a:pivotal:spring\-cloud\-function\-core:*:*:*:*:*:*:*:*`,
+							VersionEndExcluding:   "3.2.3",
+							VersionStartIncluding: "3.2.0",
+						},
+						{
+							Cpe23Uri:            `cpe:2.3:a:pivotal:spring\-cloud\-function\-core:*:*:*:*:*:*:*:*`,
+							VersionEndExcluding: "3.1.7",
+						},
+					},
+					Operator: "OR",
+				},
+			},
+		},
+		Impact: &schema.NVDCVEFeedJSON10DefImpact{
+			BaseMetricV3: &schema.NVDCVEFeedJSON10DefImpactBaseMetricV3{
+				CVSSV3: &schema.CVSSV30{
+					AttackComplexity:      "LOW",
+					AttackVector:          "NETWORK",
+					AvailabilityImpact:    "HIGH",
+					BaseScore:             9.8,
+					ConfidentialityImpact: "HIGH",
+					IntegrityImpact:       "HIGH",
+					PrivilegesRequired:    "NONE",
+					Scope:                 "UNCHANGED",
+					UserInteraction:       "NONE",
+					VectorString:          "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+					Version:               "3.0",
+				},
+				ExploitabilityScore: 3.9,
+				ImpactScore:         5.9,
+			},
+		},
+		LastModifiedDate: "2022-03-31T00:00Z",
+		PublishedDate:    "2022-03-29T00:00Z",
+	},
 	"CVE-2022-22965": {
 		CVE: &schema.CVEJSON40{
 			CVEDataMeta: &schema.CVEJSON40CVEDataMeta{
