
Spring Cloud Function SpEL Injection (CVE-2022-22963) Exploited in the Wild

Akamai·Akamai Threat Research Team·about 1 month ago

Overview

On March 24, 2022, Pivotal patched a critical server-side code injection vulnerability (Spring Expression Language injection) in Spring Cloud Function, which could potentially lead to system compromise. Spring is a popular open-source Java framework. This, and another discovered remote code execution (RCE) vulnerability (Spring Core or “Spring4Shell”), are mitigated by Akamai Adaptive Security Engine (ASE) Kona Site Defender (KSD) rulesets. This post focuses on Spring Cloud vulnerabilities, but you can read about the Spring Core vulnerability here.

Spring Cloud Function is a technology that allows decoupling the business logic from any specific runtime. Spring Expression Language (SpEL) is a powerful expression language, used across the Spring portfolio, that supports querying and manipulating an object graph at runtime.…
