Log in
Log in
E-mail
Password

Show password
Remember
Forgot password ?
Become a member for free
Sign up
Become a member for free
Sign up
New member
Sign up for FREE
New customer
Discover our services
  1. Homepage
  2. Equities
  3. Canada
  4. Toronto Stock Exchange
  5. BlackBerry Limited
  6. News
  7. Summary
    BB   CA09228F1036

BLACKBERRY LIMITED

(BB)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

BlackBerry : Get a Jump on Spring4Shell

04/06/2022 | 05:53pm EDT
share with twitter
share with LinkedIn
share with facebook

There's a new vulnerability making headlines called Spring4Shell, and it can allow attackers to perform remote code executions (RCE). The vulnerability was discovered in the Spring framework, widely used for developing JAVA applications. Details on the vulnerability are documented in CVE-2022-22965. It bears mentioning that other vulnerabilities related to the Spring framework have been recently reported, but this article focuses specifically on Spring4Shell.

While the vulnerability is rated a 9.8 (critical) by the National Vulnerability Database, there is some good news. Unlike the other recent "4shell" vulnerability, Log4Shell, the cyber risks posed by Spring4Shell appear considerably less dire. This is due to the multiple conditions that must exist for an attacker to successfully exploit the flaw.

For the Spring4Shell vulnerability to be successfully exploited, applications must:

  • Run on Java Development Kit (JDK) version 9 or later
  • Use Apache® Tomcat® as a servlet container
  • Be deployed as a web application resource (WAR) file
  • Include Spring WebMVC or Spring WebFlux as dependencies

If these conditions do not apply to an application, it should be safe from exploitation based upon our current understanding. Of course, this may change as researchers and threat actors explore Spring4Shell and gain more insights into its inner workings.

Companies wondering if Spring4Shell affects them can perform a software inventory or network scan to discover where vulnerable apps exist in their environment. Upgrading to Spring 5.3.18 or higher is also recommended, as this and later versions are not affected by Spring4Shell.

BlackBerry customers using CylancePROTECT® and CylanceOPTICS® remain protected from malware attacks delivered through Spring4Shell exploitation. For professional assistance with the Spring4Shell vulnerability, contact BlackBerry Incident Response services, or speak to one of our representatives at +1-888-808-3119.

Disclaimer

BlackBerry Ltd. published this content on 06 April 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 06 April 2022 21:52:04 UTC.


© Publicnow 2022
All news about BLACKBERRY LIMITED
05:53pBLACKBERRY : Get a Jump on Spring4Shell
PU
04/04GET IN : The Connected Vehicle Podcast From BlackBerry (Episode 7)
PU
04/04BLACKBERRY : Joins CISA's Joint Cyber Defense Collaborative to Help Bolster U.S. Cybersecu..
PU
04/04US Government Warns Businesses to Beef Up Cybersecurity, These Companies are Positioned..
AQ
04/01BLACKBERRY LTD MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS..
AQ
04/01BLACKBERRY : Again Demonstrates 100% Prevention Against Wizard Spider and Sandworm Threat ..
PU
04/01TSX ends weekly win streak even as resource shares rally
RE
04/01NIO, Dexcom rise; BlackBerry, Ford fall
AQ
04/01SECTOR UPDATE : Chipmakers Weighing on Tech Stocks on Friday
MT
04/01SECTOR UPDATE : Stocks Losing More Ground This Afternoon
MT
More news
Analyst Recommendations on BLACKBERRY LIMITED
More recommendations
Financials (USD)
Sales 2023 690 M - -
Net income 2023 -224 M - -
Net Debt 2023 333 M - -
P/E ratio 2023 -18,5x
Yield 2023 -
Capitalization 4 099 M 4 082 M -
EV / Sales 2023 6,43x
EV / Sales 2024 5,33x
Nbr of Employees 3 325
Free-Float 98,6%
Chart BLACKBERRY LIMITED
Duration : Period :
BlackBerry Limited Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends BLACKBERRY LIMITED
Short TermMid-TermLong Term
TrendsNeutralBearishBearish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus UNDERPERFORM
Number of Analysts 8
Last Close Price 7,11 $
Average target price 6,73 $
Spread / Average Target -5,39%
EPS Revisions
Managers and Directors
John S. Chen Executive Chairman & Chief Executive Officer
Steve Rai Chief Financial Officer
Charles Eagan Chief Technology Officer
Christopher Hummel Chief Information Officer
Randall Cook Secretary, Chief Legal, Compliance & Risk Officer
Sector and Competitors
1st jan.Capi. (M$)
BLACKBERRY LIMITED-25.63%4 099
KNOWBE4, INC.3.01%4 128
DARKTRACE PLC1.05%3 598
TELOS CORPORATION-32.49%707
COGNYTE SOFTWARE LTD.-48.76%538
NFORCE SECURE PUBLIC COMPANY LIMITED-7.32%87