Security statement: Spring4Shell
Unifiedpost Group is actively reviewing the recently published Spring Framework remote code execution vulnerability (CVE-2022-22965).
Since the issue was initially identified, Unifiedpost Group Security Office assessed the vulnerability of all systems with specific attention towards the Spring Framework.
The assessment revealed that certain systems were impacted and hence, were exposed to increased security risks. The majority of the Unifiedpost Group systems were already patched a few days after the vulnerability publishing and some minor remaining patching efforts will be finalized by the 5th of April EoD.
At this time, there are no known exploits to Unifiedpost Group’s systems, products or services. Unifiedpost Group continues to monitor all systems.
The Unifiedpost Security Office advises the suppliers and customers to take similar mitigating actions.
For further information or questions, the Unifiedpost Security Office is always at disposal via firstname.lastname@example.org.