Introduction
Sensitive credentials and configuration secrets can be exposed to attackers when Spring Cloud Gateway Server Webflux is misconfigured. CVE-2025-41253 demonstrates how a combination of actuator endpoint exposure and permissive Spring Expression Language (SpEL) evaluation can lead to the exfiltration of environment variables and system properties. This vulnerability is particularly relevant in cloud-native environments, where environment variables often store critical secrets and operational parameters.
Spring Cloud Gateway is a core component of the Spring ecosystem, maintained by VMware, and widely adopted as an API gateway in Java-based microservices architectures. Its popularity and central role in routing and securing service traffic make vulnerabilities in this framework especially impactful for enterprises and cloud providers.
Technical Information
CVE-2025-41253 is triggered when a Spring Cloud Gateway Server Webflux application is configured with the actuator web endpoint enabled (specifically, the gateway endpoint) and those endpoints are accessible without authentication. The vulnerability does not affect the Spring Cloud Gateway Server MVC variant. The root cause is the evaluation of untrusted SpEL expressions in route definitions submitted via the actuator API. When an attacker can create or modify routes through the actuator endpoint, they may inject SpEL expressions that access sensitive beans such as @systemProperties and @systemEnvironment. This allows the attacker to enumerate and extract environment variables and system properties, which often include database credentials, API keys, and other secrets.
The attack is only possible when all of the following conditions are met:
- The application uses Spring Cloud Gateway Server Webflux (not MVC)
- The actuator web endpoint is enabled with management.endpoints.web.exposure.include=gateway and management.endpoint.gateway.enabled=true or management.endpoint.gateway.access=unrestricted
- The actuator endpoints are accessible to attackers and are not secured by authentication
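To check whether a given application.properties file meets the configuration conditions just listed, here is an added audit helper in plain Java. It is not part of Spring Cloud Gateway or of this advisory. It assumes the configuration is in .properties format (a YAML file would need a separate loader) and that the Webflux-versus-MVC question is answered from the build dependencies, which the helper does not inspect; the sample properties inside main are constructed for the demonstration.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;

/**
 * Constructed audit helper (not Spring project code): reports whether a
 * .properties file satisfies the exposure and enablement conditions the
 * advisory lists for the gateway actuator endpoint.
 */
public class GatewayActuatorAudit {

    public static final String EXPOSURE_INCLUDE = "management.endpoints.web.exposure.include";
    public static final String EXPOSURE_EXCLUDE = "management.endpoints.web.exposure.exclude";
    public static final String GATEWAY_ENABLED  = "management.endpoint.gateway.enabled";
    public static final String GATEWAY_ACCESS   = "management.endpoint.gateway.access";

    /** True if a comma-separated exposure list names the endpoint or uses the '*' wildcard. */
    static boolean exposureListNames(String csv, String endpoint) {
        if (csv == null || csv.isBlank()) return false;
        return Arrays.stream(csv.split(","))
                     .map(String::trim)
                     .anyMatch(v -> v.equals("*") || v.equalsIgnoreCase(endpoint));
    }

    /** Evaluates already-parsed properties and returns human-readable findings. */
    public static List<String> findings(Properties p) {
        List<String> out = new ArrayList<>();

        // Spring Boot does not expose the gateway endpoint over HTTP unless it is included
        // explicitly, and an exclude entry takes precedence over an include entry.
        boolean exposed = exposureListNames(p.getProperty(EXPOSURE_INCLUDE), "gateway")
                       && !exposureListNames(p.getProperty(EXPOSURE_EXCLUDE), "gateway");

        // The advisory names two ways of switching the endpoint on: the legacy enabled flag
        // and the newer access property. Assumption: when neither is set we treat the
        // endpoint as enabled, which is the conservative choice for an audit.
        String access = p.getProperty(GATEWAY_ACCESS);
        boolean enabled = (access != null)
            ? "unrestricted".equalsIgnoreCase(access.trim())
            : !"false".equalsIgnoreCase(p.getProperty(GATEWAY_ENABLED, "true").trim());

        if (exposed) out.add("gateway endpoint is included in " + EXPOSURE_INCLUDE);
        if (enabled) out.add("gateway endpoint is not disabled via " + GATEWAY_ENABLED + " / " + GATEWAY_ACCESS);
        if (exposed && enabled) {
            out.add("RISK: gateway actuator reachable over HTTP; confirm it requires authentication "
                  + "and that the Webflux version is one of the fixed releases");
        }
        return out;
    }

    /** Convenience overload for raw .properties text (file contents). */
    public static List<String> findings(String propertiesText) throws IOException {
        Properties p = new Properties();
        p.load(new StringReader(propertiesText));
        return findings(p);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample matching the advisory's conditions.
        String vulnerable = String.join("\n",
            "management.endpoints.web.exposure.include=health,gateway",
            "management.endpoint.gateway.enabled=true");
        // Constructed sample using the hardened default from the patch notes.
        String hardened = "management.endpoints.web.exposure.include=health,info";

        System.out.println("vulnerable sample: " + findings(vulnerable));
        System.out.println("hardened sample:   " + findings(hardened));
    }
}
```

Run it with `java GatewayActuatorAudit.java` (Java 11 or later); the first sample yields the RISK line, the second yields no findings because the gateway endpoint is never included in the web exposure list. A finding is a prompt to verify, not proof of exploitability: the Webflux variant and an unauthenticated actuator are the remaining two conditions.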
The vulnerability is rooted in the use of a permissive SpEL evaluation context in the actuator route management API, which does not restrict access to sensitive beans. This enables attackers to craft expressions that directly reference system properties and environment variables, leading to information disclosure.
Patch Information
To address the vulnerability identified as CVE-2025-41253, the Spring team has released updates across multiple versions of Spring Cloud Gateway. These updates are designed to prevent unauthorized access to environment variables and system properties through the misuse of Spring Expression Language (SpEL) in route configurations.
Fixed Versions:
- 4.3.x: Upgraded to version 4.3.2
- 4.2.x: Upgraded to version 4.2.6
- 4.1.x: Upgraded to version 4.1.12 (Commercial release)
- 4.0.x: Upgraded to version 4.1.12 (Out of support)
- 3.1.x: Upgraded to version 3.1.12 (Commercial release)
Key Changes in the Patch:
- Enhanced Validation of SpEL Expressions: The patch introduces stricter validation mechanisms for SpEL expressions used in route configurations. This ensures that only authorized and safe expressions are evaluated, mitigating the risk of exposing sensitive system properties.
- Restricted Access to Actuator Endpoints: The update modifies the default configuration to restrict access to actuator endpoints. By default, the gateway actuator endpoint is no longer exposed unless explicitly configured by the administrator. This change reduces the attack surface by preventing unauthorized users from creating or modifying routes that could exploit SpEL vulnerabilities.
- Improved Security Documentation: The release includes updated documentation emphasizing the importance of securing actuator endpoints. Administrators are advised to:
  - Remove gateway from the management.endpoints.web.exposure.include property if it's not in use.
  - Secure actuator endpoints by implementing proper authentication and authorization mechanisms to prevent unauthorized access.
Code Snippet Illustrating the Change:
# Previous configuration (vulnerable)
management.endpoints.web.exposure.include=gateway

# Updated configuration (secure by default)
# The 'gateway' endpoint is not exposed unless explicitly included
management.endpoints.web.exposure.include=health,info
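The documentation advice to secure the actuator endpoints with authentication and authorization can be implemented with Spring Security's WebFlux support. The following is an added example, not code from the Spring project or from this advisory. It assumes Spring Boot 3 with Spring Security 6 on the classpath of a Spring Cloud Gateway Server Webflux application, and an environment variable named ACTUATOR_ADMIN_PASSWORD_HASH (a hypothetical name) that carries a bcrypt hash of the administrator's password.

```java
import org.springframework.boot.actuate.autoconfigure.security.reactive.EndpointRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.server.SecurityWebFilterChain;

/**
 * Added example (not Spring project code): a dedicated security filter chain for the
 * actuator paths of a Spring Cloud Gateway Server Webflux application. Everything under
 * /actuator except health requires an authenticated user holding ROLE_ACTUATOR_ADMIN, so
 * the gateway endpoint cannot be reached anonymously even when an operator deliberately
 * keeps it in management.endpoints.web.exposure.include.
 */
@Configuration
@EnableWebFluxSecurity
public class ActuatorSecurityConfig {

    @Bean
    public SecurityWebFilterChain actuatorSecurity(ServerHttpSecurity http) {
        return http
            // Scope this chain to actuator endpoints only; application routes keep their own rules.
            .securityMatcher(EndpointRequest.toAnyEndpoint())
            .authorizeExchange(exchanges -> exchanges
                // Liveness and readiness probes may stay anonymous.
                .matchers(EndpointRequest.to("health")).permitAll()
                // Everything else, including /actuator/gateway/**, needs the admin role.
                .anyExchange().hasRole("ACTUATOR_ADMIN"))
            // HTTP Basic is sufficient for operator tooling; serve it over TLS only.
            .httpBasic(Customizer.withDefaults())
            .build();
    }

    @Bean
    public MapReactiveUserDetailsService actuatorUsers(Environment env) {
        // ACTUATOR_ADMIN_PASSWORD_HASH is a hypothetical variable name. It holds a bcrypt
        // hash provisioned out of band, so no credential is hard-coded in the application.
        String bcryptHash = env.getRequiredProperty("ACTUATOR_ADMIN_PASSWORD_HASH");
        UserDetails admin = User.withUsername("actuator-admin")
            // The {bcrypt} prefix selects the encoder in Spring Security's default
            // DelegatingPasswordEncoder, which is used when no PasswordEncoder bean is defined.
            .password("{bcrypt}" + bcryptHash)
            .roles("ACTUATOR_ADMIN")
            .build();
        return new MapReactiveUserDetailsService(admin);
    }
}
```

Two design points: the chain is restricted with securityMatcher so it never weakens the rules for ordinary gateway routes, and hasRole("ACTUATOR_ADMIN") matches the ROLE_ prefix that roles() adds. CSRF protection is left at its default, so state-changing POSTs to the gateway endpoint additionally need a CSRF token; that is intended, since it stops a browser that has cached Basic credentials from being driven to create routes.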
By implementing these updates, the Spring team aims to fortify the security of applications using Spring Cloud Gateway, ensuring that environment variables and system properties remain protected from unauthorized access.
Patch Source: https://spring.io/security/cve-2025-41253
Affected Systems and Versions
CVE-2025-41253 affects only the Spring Cloud Gateway Server Webflux variant. The following versions are vulnerable:
- 4.3.x versions prior to 4.3.2
- 4.2.x versions prior to 4.2.6
- 4.1.x versions prior to 4.1.12 (commercial support)
- 4.0.x versions prior to 4.1.12 (out of support)
- 3.1.x versions prior to 3.1.12 (commercial support)
Only configurations where the actuator web endpoint is enabled and exposed without authentication are vulnerable. Systems using the Spring Cloud Gateway Server MVC variant are not affected.
Vendor Security History
The Spring team, under VMware, has previously addressed similar vulnerabilities involving SpEL injection and actuator endpoint misconfiguration, such as CVE-2022-22947 and CVE-2025-41243. The vendor has a track record of releasing patches promptly and updating documentation to reflect best security practices. However, the recurrence of SpEL and actuator-related vulnerabilities indicates ongoing challenges in balancing the flexibility of dynamic configuration with the need for robust security controls in cloud-native Java applications.