CVE-2022-22947 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2022-22947

VMware | Spring Cloud GatewayAdded 2022-05-16Remediation Deadline 2022-06-06

VMware Spring Cloud Gateway Code Injection Vulnerability

Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-94

References

https://nvd.nist.gov/vuln/detail/CVE-2022-22947