CVE-2022-22947 | BestHub

Java Architect Essentials

Apr 20, 2022 · Information Security

Critical Spring Cloud Gateway Vulnerabilities CVE-2022-22946 and CVE-2022-22947: Description, Impact, and Mitigation

This article explains the two high‑severity Spring Cloud Gateway vulnerabilities (CVE‑2022‑22946 and CVE‑2022‑22947), detailing their descriptions, affected versions, exploitation conditions, and provides concrete remediation steps such as upgrading to safe releases or disabling the vulnerable actuator endpoints.

CVE-2022-22946CVE-2022-22947Java

0 likes · 5 min read

Critical Spring Cloud Gateway Vulnerabilities CVE-2022-22946 and CVE-2022-22947: Description, Impact, and Mitigation

Top Architect

Mar 8, 2022 · Information Security

Critical Spring Cloud Gateway Vulnerabilities CVE-2022-22946 and CVE-2022-22947: Description, Impact, and Mitigation

This article explains two high‑severity Spring Cloud Gateway vulnerabilities (CVE‑2022‑22946 and CVE‑2022‑22947), outlines the affected versions, describes how attackers can exploit exposed Actuator endpoints, and provides concrete mitigation steps such as upgrading to safe releases or disabling the gateway actuator.

ActuatorCVE-2022-22946CVE-2022-22947

0 likes · 6 min read

Java Architecture Diary

Mar 4, 2022 · Information Security

How to Prevent the Spring Cloud Gateway RCE Vulnerability (CVE‑2022‑22947)

This article explains the remote code execution flaw in Spring Cloud Gateway's Actuator endpoint (CVE‑2022‑22947), lists the affected versions, and provides mitigation steps such as restricting endpoint exposure, upgrading to patched releases, and applying operational hardening best practices.

ActuatorCVE-2022-22947Remote Code Execution

0 likes · 3 min read

How to Prevent the Spring Cloud Gateway RCE Vulnerability (CVE‑2022‑22947)