PT-2025-36574 · VMware · Spring Cloud Gateway

Ezzer17 · Published 2025-09-09 · Updated 2025-09-27 · CVE-2025-41243

CVSS v3.1: 10

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions**

Spring Cloud Gateway Server Webflux (affected versions not specified)

**Description**

Spring Cloud Gateway Server Webflux may be susceptible to modification of Spring Environment properties. An application is considered vulnerable if all of the following are true:

- it uses Spring Cloud Gateway Server Webflux;
- the Spring Boot actuator dependency is enabled;
- the Spring Cloud Gateway Server Webflux actuator web endpoint is enabled via `management.endpoints.web.exposure.include=gateway`;
- the actuator endpoints are accessible to attackers;
- the actuator endpoints are unsecured.

An attacker can modify configuration properties by accessing the `@systemProperties` bean. Successful exploitation may allow access to sensitive information.
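To check the exposure condition described above across a set of configurations, the following added example (not part of the original advisory or of the Spring project) audits `.properties` text for web exposure of the `gateway` actuator endpoint. It assumes properties-file syntax, treats a `*` wildcard as including `gateway`, and uses constructed sample inputs; network reachability and authentication of the actuator endpoints still have to be verified separately.

```python
import re

INCLUDE = "management.endpoints.web.exposure.include"
EXCLUDE = "management.endpoints.web.exposure.exclude"

def parse_properties(text):
    """Parse a subset of .properties syntax: key=value or key:value,
    '#' and '!' comment lines, later assignments overriding earlier ones."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]\s*(.*)$", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props

def endpoint_ids(value):
    """Split a comma-separated endpoint list; IDs are compared lower-cased."""
    return {v.strip().lower() for v in value.split(",") if v.strip()}

def gateway_endpoint_exposed(text):
    """True if the web exposure settings publish the 'gateway' endpoint."""
    props = parse_properties(text)
    include = endpoint_ids(props.get(INCLUDE, ""))
    exclude = endpoint_ids(props.get(EXCLUDE, ""))
    if {"*", "gateway"} & exclude:
        return False  # an exclude entry takes precedence over include
    return bool({"*", "gateway"} & include)

# Constructed sample configurations (not taken from any real deployment).
SAMPLES = {
    "explicit.properties": "management.endpoints.web.exposure.include=health, gateway\n",
    "wildcard.properties": "# expose everything\nmanagement.endpoints.web.exposure.include: *\n",
    "excluded.properties": (
        "management.endpoints.web.exposure.include=*\n"
        "management.endpoints.web.exposure.exclude=gateway,env\n"
    ),
    "default.properties": "server.port=8080\n",
}

def audit(samples):
    """Return the sorted names of configurations that expose the endpoint."""
    return sorted(n for n, t in samples.items() if gateway_endpoint_exposed(t))

if __name__ == "__main__":
    for name in audit(SAMPLES):
        print(f"{name}: gateway actuator endpoint is web-exposed")
```

A flagged file meets only the exposure condition; whether the application is vulnerable depends on the remaining conditions in the description.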

**Recommendations**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2025-41243
GHSA-Q2CJ-H8FW-Q4CC

Affected Products

Spring Cloud Gateway