| Vulnerability Name: | CVE-2022-22947 (CCN-220817) | ||||||||||||
| Assigned: | 2022-03-01 | ||||||||||||
| Published: | 2022-03-01 | ||||||||||||
| Updated: | 2023-07-24 | ||||||||||||
| Summary: | |||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) 9.3 Critical (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C)
9.3 Critical (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-22947 Source: security@vmware.com Type: Exploit, Third Party Advisory, VDB Entry security@vmware.com Source: security@vmware.com Type: Exploit, Third Party Advisory, VDB Entry security@vmware.com Source: XF Type: UNKNOWN vmwaretanzu-cve202222947-code-exec(220817) Source: CCN Type: Packet Storm Security [03-07-2022] Spring Cloud Gateway 3.1.0 Remote Code Execution Source: CCN Type: Packet Storm Security [10-17-2022] Spring Cloud Gateway 3.1.0 Remote Code Execution Source: CCN Type: Spring Web site Spring Cloud Gateway CVE reports published Source: CCN Type: VMware Tanzu Web site CVE-2022-22947: Spring Cloud Gateway Code Injection Vulnerability Source: security@vmware.com Type: Mitigation, Vendor Advisory security@vmware.com Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [03-07-2022] Source: CCN Type: Oracle CPUApr2022 Oracle Critical Patch Update Advisory - April 2022 Source: security@vmware.com Type: Patch, Third Party Advisory security@vmware.com Source: CCN Type: Oracle CPUJul2022 Oracle Critical Patch Update Advisory - July 2022 Source: security@vmware.com Type: Patch, Third Party Advisory security@vmware.com | ||||||||||||
| BACK | |||||||||||||