CVE-2022-22947

Опубликовано: 03 мар. 2022

Источник: nvd

CVSS3: 10

CVSS2: 6.8

EPSS Критический

Описание

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.

Ссылки

http://packetstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
https://tanzu.vmware.com/security/cve-2022-22947
Mitigation
Vendor Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Patch
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Patch
Third Party Advisory
http://packetstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
https://tanzu.vmware.com/security/cve-2022-22947
Mitigation
Vendor Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Patch
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Patch
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22947
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:vmware:spring_cloud_gateway:*:*:*:*:*:*:*:*

Версия до 3.0.7 (исключая)

cpe:2.3:a:vmware:spring_cloud_gateway:3.1.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.94461

Критический

10 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-94

CWE-917

Связанные уязвимости

GHSA-3gx9-37ww-9qw6

CVSS3: 10

github

почти 4 года назад

Spring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint enabled, exposed, unsecured

BDU:2022-01507

CVSS3: 10

fstec

почти 4 года назад

Уязвимость компонента Gateway Actuator библиотеки для создания API-шлюзов Spring Cloud Gateway, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 100%

0.94461

Критический

10 Critical

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-94

CWE-917