THREAT OPS › CVEs › CVE-2022-22947
CVE-2022-22947 — VMware Spring Cloud Gateway Code Injection Vulnerability
Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.
Vulnerability details
- Affected productsSpring Cloud Gateway
- KEV remediation due2022-06-06