Spring4Shell Configuration

The Spring4Shell vulnerability is a Remote Code Execution vulnerability that was recently discovered in the Spring framework. HawkScan version 2.3.0 and later includes a rule to scan for this vulnerability in Spring applications, but it is not enabled by default.

To enable the Spring4Shell rule, update your stackhawk.yml scan configuration so that the hawk.scan.policyName property names one of the following policies:

Policy Name              Result
DEFAULT_SPRING4SHELL     Runs a scan with all the default rules enabled, with Spring4Shell included.
SPRING4SHELL_ONLY        Runs a scan with ONLY the Spring4Shell rule enabled. All other rules will not be run by the scanner.

For example:

hawk:
  scan:
    policyName: DEFAULT_SPRING4SHELL
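Because the rule is off unless the policy name is set, a pre-scan check in CI can catch a stackhawk.yml that still uses the default policy. The script below is an added example, not StackHawk's own tooling; it assumes policyName appears once, under hawk.scan, and the sample configs are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not StackHawk tooling): read hawk.scan.policyName from a
# stackhawk.yml and report whether the Spring4Shell rule will run.
# Assumption: policyName occurs once in the file, under hawk.scan.

# Print the configured policy name (empty if none is set).
policy_name() {
  # Drop the key, then trailing comments, surrounding quotes and whitespace.
  sed -n 's/^[[:space:]]*policyName:[[:space:]]*//p' "$1" \
    | sed 's/[[:space:]]*#.*$//; s/^["'"'"']//; s/["'"'"']$//; s/[[:space:]]*$//' \
    | head -n 1
}

# Classify the policy according to the two Spring4Shell policies documented above.
spring4shell_mode() {
  case "$(policy_name "$1")" in
    DEFAULT_SPRING4SHELL) echo "all default rules plus Spring4Shell" ;;
    SPRING4SHELL_ONLY)    echo "Spring4Shell rule only" ;;
    "")                   echo "no policyName set: Spring4Shell rule not enabled" ;;
    *)                    echo "other policy: not one of the Spring4Shell policies" ;;
  esac
}

# Exit non-zero unless a Spring4Shell policy is configured, so a CI job can
# fail before HawkScan is launched rather than after a scan that skipped the rule.
require_spring4shell() {
  case "$(policy_name "$1")" in
    DEFAULT_SPRING4SHELL|SPRING4SHELL_ONLY) return 0 ;;
    *) return 1 ;;
  esac
}

# Constructed sample configs so the script runs stand-alone.
TMP=$(mktemp -d)
printf 'hawk:\n  scan:\n    policyName: DEFAULT_SPRING4SHELL\n' > "$TMP/enabled.yml"
printf 'hawk:\n  scan:\n    policyName: "SPRING4SHELL_ONLY"  # quoted value\n' > "$TMP/only.yml"
printf 'hawk:\n  scan: {}\n' > "$TMP/default.yml"

spring4shell_mode "$TMP/enabled.yml"   # all default rules plus Spring4Shell
spring4shell_mode "$TMP/only.yml"      # Spring4Shell rule only
spring4shell_mode "$TMP/default.yml"   # no policyName set: Spring4Shell rule not enabled
```

Run `require_spring4shell stackhawk.yml || exit 1` as a CI step ahead of the scan to block runs whose config never enabled the rule.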