PatchSiren cyber security CVE debrief

CVE-2022-22947 VMware CVE debrief

CVE-2022-22947 is a VMware Spring Cloud Gateway code injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2022-05-16. Because it is listed in KEV, defenders should treat it as actively exploited and prioritize remediation using vendor guidance.

Vendor: VMware
Product: Spring Cloud Gateway
CVSS: Unknown
CISA KEV: Listed
Original CVE published: 2022-05-16
Original CVE updated: 2022-05-16
Advisory published: 2022-05-16
Advisory updated: 2022-05-16

Who should care

Organizations and security teams responsible for VMware Spring Cloud Gateway deployments should prioritize this CVE, especially teams handling patching, vulnerability management, and asset inventory.

Technical summary

The official source corpus identifies CVE-2022-22947 as a code injection vulnerability in VMware Spring Cloud Gateway. CISA’s KEV catalog marks it as known exploited and directs organizations to apply updates per vendor instructions. The source set does not provide a CVSS score or additional technical detail.

Defensive priority

High. CISA’s KEV inclusion indicates known exploitation, so remediation should be prioritized over routine patch cycles.

Recommended defensive actions

  • Identify all VMware Spring Cloud Gateway instances in your environment.
  • Apply vendor-provided updates or mitigations as directed in official VMware guidance.
  • Verify whether any affected systems were exposed before patching and review them for unexpected changes.
  • Confirm in your exposure and remediation tracking that the vulnerability has been remediated on every identified instance.
  • Monitor CISA KEV updates and vendor advisories for any follow-on guidance.

Evidence notes

This debrief is based only on the supplied official records: the CISA Known Exploited Vulnerabilities entry, the CVE record, and the NVD detail link. The corpus confirms the vulnerability name, product, known-exploitation status, and KEV dates (added 2022-05-16; due 2022-06-06). No CVSS score was provided in the source corpus, so none is stated here.

Official resources

CISA listed CVE-2022-22947 in the Known Exploited Vulnerabilities catalog on 2022-05-16 and set a remediation due date of 2022-06-06.