Is CVE-2022-22947 in the CISA Known Exploited Vulnerabilities catalog?

Yes — CVE-2022-22947 is listed in CISA KEV, remediation due 2022-06-06.

CISA Known Exploited Vulnerability

CVE-2022-22947

Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.

⚠ Actively exploited (CISA KEV) Spring 2022

CISA catalog entry

Product

Spring Cloud Gateway

Vendor

VMware

Added to KEV

2022-05-16

Remediation due

2022-06-06

CVE-2022-22947 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.

Related vulnerabilities

CVE-2026-9319 CVE-2026-9311 CVE-2026-8644 CVE-2026-40994 CVE-2026-40987 CVE-2022-22965 CVE-2022-22963 CVE-2020-5410