ID

VAR-202203-0233


CVE

CVE-2022-22947


TITLE

spring cloud gateway  Code injection vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-007709

DESCRIPTION

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-22947 // JVNDB: JVNDB-2022-007709 // VULHUB: VHN-411807 // VULMON: CVE-2022-22947

AFFECTED PRODUCTS

vendor:vmwaremodel:spring cloud gatewayscope:ltversion:3.0.7

Trust: 1.0

vendor:oraclemodel:communications cloud native core binding support functionscope:eqversion:22.1.3

Trust: 1.0

vendor:oraclemodel:communications cloud native core network exposure functionscope:eqversion:22.1.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core security edge protection proxyscope:eqversion:22.1.1

Trust: 1.0

vendor:oraclemodel:communications cloud native core network repository functionscope:eqversion:1.15.0

Trust: 1.0

vendor:oraclemodel:commerce guided searchscope:eqversion:11.3.2

Trust: 1.0

vendor:oraclemodel:communications cloud native core network slice selection functionscope:eqversion:1.8.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core consolescope:eqversion:22.2.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core network slice selection functionscope:eqversion:22.1.0

Trust: 1.0

vendor:vmwaremodel:spring cloud gatewayscope:eqversion:3.1.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core service communication proxyscope:eqversion:1.15.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core binding support functionscope:eqversion:1.11.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core network repository functionscope:eqversion:22.1.2

Trust: 1.0

vendor:oraclemodel:communications cloud native core network repository functionscope:eqversion:22.2.0

Trust: 1.0

vendor:oraclemodel:communications cloud native core network repository functionscope:eqversion:1.15.1

Trust: 1.0

vendor:oraclemodel:communications cloud native core network function cloud native environmentscope:eqversion:1.10.0

Trust: 1.0

vendor:オラクルmodel:oracle communications cloud native core network repository functionscope: - version: -

Trust: 0.8

vendor:vmwaremodel:spring cloud gatewayscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core network function cloud native environmentscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core network slice selection functionscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core service communication proxyscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core security edge protection proxyscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core network exposure functionscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core binding support functionscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications cloud native core consolescope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle commerce guided searchscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-007709 // NVD: CVE-2022-22947

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-22947
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-22947
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202203-161
value: CRITICAL

Trust: 0.6

VULHUB: VHN-411807
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-22947
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-22947
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-411807
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-22947
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 6.0
version: 3.1

Trust: 1.0

NVD: CVE-2022-22947
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-411807 // VULMON: CVE-2022-22947 // JVNDB: JVNDB-2022-007709 // CNNVD: CNNVD-202203-161 // NVD: CVE-2022-22947

PROBLEMTYPE DATA

problemtype:CWE-94

Trust: 1.1

problemtype:CWE-917

Trust: 1.0

problemtype:Code injection (CWE-94) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-411807 // JVNDB: JVNDB-2022-007709 // NVD: CVE-2022-22947

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-161

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-202203-161

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-411807

PATCH

title:Oracle Critical Patch Update Advisory - April 2022 Oracle Critical Patch Updateurl:https://tanzu.vmware.com/security/cve-2022-22947

Trust: 0.8

title:VMware Spring Cloud Gateway Fixes for code injection vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=184589

Trust: 0.6

title: - url:https://github.com/kmahyyg/CVE-2022-22947

Trust: 0.1

title: - url:https://github.com/PyterSmithDarkGhost/VMWARECODEINJECTIONATTACKCVE-2022-22947

Trust: 0.1

title: - url:https://github.com/trhacknon/CVE-2022-22947

Trust: 0.1

title:CVE-2022-22947-Spring-Cloudurl:https://github.com/michaelklaan/CVE-2022-22947-Spring-Cloud

Trust: 0.1

title: - url:https://github.com/ananorabei/POCS

Trust: 0.1

sources: VULMON: CVE-2022-22947 // JVNDB: JVNDB-2022-007709 // CNNVD: CNNVD-202203-161

EXTERNAL IDS

db:NVDid:CVE-2022-22947

Trust: 3.4

db:PACKETSTORMid:168742

Trust: 1.7

db:PACKETSTORMid:166219

Trust: 1.7

db:JVNDBid:JVNDB-2022-007709

Trust: 0.8

db:EXPLOIT-DBid:50799

Trust: 0.7

db:CS-HELPid:SB2022042264

Trust: 0.6

db:CS-HELPid:SB2022030313

Trust: 0.6

db:CS-HELPid:SB2022042263

Trust: 0.6

db:CS-HELPid:SB2022071955

Trust: 0.6

db:CXSECURITYid:WLB-2022030035

Trust: 0.6

db:CNNVDid:CNNVD-202203-161

Trust: 0.6

db:VULHUBid:VHN-411807

Trust: 0.1

db:VULMONid:CVE-2022-22947

Trust: 0.1

sources: VULHUB: VHN-411807 // VULMON: CVE-2022-22947 // JVNDB: JVNDB-2022-007709 // CNNVD: CNNVD-202203-161 // NVD: CVE-2022-22947

REFERENCES

url:http://packetstormsecurity.com/files/168742/spring-cloud-gateway-3.1.0-remote-code-execution.html

Trust: 2.3

url:http://packetstormsecurity.com/files/166219/spring-cloud-gateway-3.1.0-remote-code-execution.html

Trust: 2.3

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 2.3

url:https://tanzu.vmware.com/security/cve-2022-22947

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2022.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-22947

Trust: 0.8

url:https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022042264

Trust: 0.6

url:https://vigilance.fr/vulnerability/oracle-communications-vulnerabilities-of-april-2022-38100

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-22947/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022042263

Trust: 0.6

url:https://cxsecurity.com/issue/wlb-2022030035

Trust: 0.6

url:https://www.exploit-db.com/exploits/50799

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022030313

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022071955

Trust: 0.6

sources: VULHUB: VHN-411807 // JVNDB: JVNDB-2022-007709 // CNNVD: CNNVD-202203-161 // NVD: CVE-2022-22947

CREDITS

Carlos E. Vieir

Trust: 0.6

sources: CNNVD: CNNVD-202203-161

SOURCES

db:VULHUBid:VHN-411807
db:VULMONid:CVE-2022-22947
db:JVNDBid:JVNDB-2022-007709
db:CNNVDid:CNNVD-202203-161
db:NVDid:CVE-2022-22947

LAST UPDATE DATE

2024-11-23T21:09:09.442000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-411807date:2022-10-28T00:00:00
db:VULMONid:CVE-2022-22947date:2023-07-24T00:00:00
db:JVNDBid:JVNDB-2022-007709date:2023-07-20T07:16:00
db:CNNVDid:CNNVD-202203-161date:2023-07-25T00:00:00
db:NVDid:CVE-2022-22947date:2024-11-21T06:47:39.710

SOURCES RELEASE DATE

db:VULHUBid:VHN-411807date:2022-03-03T00:00:00
db:VULMONid:CVE-2022-22947date:2022-03-03T00:00:00
db:JVNDBid:JVNDB-2022-007709date:2023-07-20T00:00:00
db:CNNVDid:CNNVD-202203-161date:2022-03-03T00:00:00
db:NVDid:CVE-2022-22947date:2022-03-03T22:15:08.673