cvedb.io
CVE-2022-23464
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2022-09-24T05:15:08.837 · Last modified 2026-06-17T04:30:10.613

Summary

Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnerable to a potential Server-Side Request Forgery (SSRF). RouterResourceImpl uses RestTemplate’s getForEntity to retrieve the contents of a URL containing user-controlled input, potentially resulting in Information Disclosure. There is no patch available for this issue at time of publication. There are no known workarounds.

Affected products

nepxion — discovery

Does this affect you?

Add your gear to cvedb and we'll alert you only when nepxion ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.