In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.

The version of Spring Cloud Gateway running on the remote host allows remote attackers to make a maliciously crafted request that could allow arbitrary remote execution on the remote host.

The version of Spring Cloud Gateway running on the remote host is affected by a code injection vulnerability.
Applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

In Spring Cloud Gateway versions prior to 3.1.1 and 3.0.7, applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker can craft a malicious request that could allow arbitrary remote execution on the remote host.

ID	Name	Product	Family	Severity
176415	Spring Cloud Gateway Code Injection (CVE-2022-22947)	Nessus	CGI abuses	critical
163631	VMware Spring Cloud Gateway 3.0 < 3.0.7 / 3.1 < 3.1.1 Code Injection	Nessus	Misc.	critical
113169	Spring Cloud Gateway < 3.0.7 / 3.1.x < 3.1.1 Remote Code Execution	Web App Scanning	Component Vulnerability	critical

Detections

Analytics

CVE-2022-22947

critical

Tenable Plugins

critical

critical

critical