PT-2022-1950 · Spring · Spring Cloud Gateway

Published 2021-10-11 · Updated 2025-03-13 · CVE-2022-22947

CVSS v3.1: 10.0
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Spring Cloud Gateway 3.1.0, 3.0.0 through 3.0.6, and older, unsupported versions (fixed in 3.1.1 and 3.0.7).
Description: The issue lies in the Gateway Actuator component of Spring Cloud Gateway, which is vulnerable to code injection. Route definitions submitted through the actuator may carry Spring Expression Language (SpEL) expressions in their filter arguments, and these expressions are evaluated in an unrestricted evaluation context when the routes are refreshed. A remote attacker who can reach the endpoint can therefore execute arbitrary code on the gateway host by sending a specially crafted request. The vulnerability is exploitable only when the Gateway Actuator endpoint is enabled, exposed over HTTP, and unsecured (not behind authentication). According to available data, 28% of cloud environments using Spring Cloud Gateway are at risk. Beyond remote code execution, an exposed gateway actuator lets an attacker read and rewrite the routes the gateway serves, which leads to sensitive data exposure (for example AWS keys and JWT tokens passing through the gateway) and to Server-Side Request Forgery (SSRF) against internal backends.
Recommendations: Update to Spring Cloud Gateway 3.1.1 (for 3.1.x) or 3.0.7 (for 3.0.x) or later; deployments on older, unsupported branches should move to a supported release. As a workaround, disable the Gateway Actuator endpoint if it is not needed (management.endpoint.gateway.enabled=false); if it is needed, secure it with Spring Security and do not expose it to untrusted networks. Restrict access to the /actuator endpoint as a whole to prevent unauthorized access, and do not expose the env and heapdump endpoints without proper authentication and authorization, since they can leak configuration values, credentials and heap contents.
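The settings the recommendations above turn on are ordinary Spring Boot properties, so they can be audited before deployment. The following added example, which is not code from the advisory or the Spring project, parses an `application.properties` file and reports whether the gateway, env and heapdump endpoints would be reachable over HTTP. The defaults it assumes are those of Spring Boot 2.x with Spring Cloud Gateway 3.0/3.1: the gateway endpoint is enabled unless disabled, and only `health` is exposed over HTTP unless `management.endpoints.web.exposure.include` widens it. Authentication cannot be judged from properties alone, so an exposed gateway endpoint is reported as a precondition to verify, not as a confirmed hole. Both sample configurations are constructed for the example.

```python
"""Added example (not from the advisory): audit a Spring Boot
application.properties for the settings behind the recommendations.
Assumed defaults: management.endpoint.<name>.enabled=true and
management.endpoints.web.exposure.include=health (Spring Boot 2.x)."""

SENSITIVE = ("gateway", "env", "heapdump")


def parse_properties(text):
    """Minimal .properties parser: 'key=value' or 'key: value', '#'/'!' comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if not sep:
            key, sep, value = line.partition(":")
        props[key.strip()] = value.strip()
    return props


def _csv(value):
    return {item.strip() for item in value.split(",") if item.strip()}


def exposed_endpoints(props):
    """Return the subset of SENSITIVE endpoints that would be served over HTTP."""
    include = _csv(props.get("management.endpoints.web.exposure.include", "health"))
    exclude = _csv(props.get("management.endpoints.web.exposure.exclude", ""))
    default_enabled = props.get("management.endpoints.enabled-by-default", "true")
    out = set()
    for ep in SENSITIVE:
        enabled = props.get(f"management.endpoint.{ep}.enabled", default_enabled)
        if enabled.lower() != "true":
            continue                                   # disabled endpoints are never exposed
        if ("*" in include or ep in include) and ep not in exclude:
            out.add(ep)                                # exclude wins over include, as in Spring Boot
    return out


def audit(text):
    """Return a list of findings for one properties file (empty list = nothing to fix)."""
    exposed = exposed_endpoints(parse_properties(text))
    findings = []
    if "gateway" in exposed:
        findings.append("gateway actuator enabled and exposed: CVE-2022-22947 precondition unless "
                        "secured by Spring Security; set management.endpoint.gateway.enabled=false if unused")
    for ep in ("env", "heapdump"):
        if ep in exposed:
            findings.append(f"{ep} endpoint exposed: leaks configuration/credentials or heap contents; "
                            "require authentication or remove it from the exposure list")
    return findings


# Constructed sample configurations (not taken from any real deployment).
WEAK = """\
spring.cloud.gateway.routes[0].id=backend
spring.cloud.gateway.routes[0].uri=http://backend:8080
# exposes every actuator endpoint, gateway and heapdump included
management.endpoints.web.exposure.include=*
"""

HARDENED = """\
spring.cloud.gateway.routes[0].id=backend
spring.cloud.gateway.routes[0].uri=http://backend:8080
management.endpoint.gateway.enabled=false
management.endpoints.web.exposure.include=health,info
management.endpoints.web.exposure.exclude=env,heapdump
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg) or ["ok"])
```

The audit is deliberately conservative: it flags the gateway endpoint whenever it is reachable, because the only thing that makes that state safe is an authentication layer the properties file cannot show. Treat a clean result as necessary, not sufficient, and still confirm the running version is 3.1.1 / 3.0.7 or later.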

Exploit

Fix

Weakness Enumeration

Code Injection
Related Identifiers

ALT-PU-2021-3018
ALT-PU-2021-3037
ALT-PU-2021-3060
BDU:2022-01507
CVE-2022-22947
GHSA-3GX9-37WW-9QW6

Affected Products

Spring Cloud Gateway