All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2022-22947
NONEKEVpublish date unavailable
CVSS / 10
// description
Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.
// required action (CISA KEV)
Apply updates per vendor instructions.
added 2022-05-16 00:00 UTC