CVE-2022-22947 — Spring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint

Description

In Spring Cloud Gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed, and unsecured. A remote attacker could make a maliciously crafted request resulting in arbitrary remote execution on the remote host.

How to fix CVE-2022-22947

To remediate CVE-2022-22947, upgrade the affected package to a fixed version below.

—upgrade to 3.0.7 or later

Is CVE-2022-22947 being exploited?

Yes — CVE-2022-22947 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (1)

from 0, < 3.0.7

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL10.0	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References (6)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-22947
WEBpacketstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html
WEBpacketstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html
WEBtanzu.vmware.com/security/cve-2022-22947