THREATOPS
THREAT OPSCVEs › CVE-2022-22947

CVE-2022-22947 — VMware Spring Cloud Gateway Code Injection Vulnerability

CISA KEVExploited: confirmedVMware

Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.

Vulnerability details