GHSA-fjjw-82xw-vfc2

Опубликовано: 02 сент. 2022

Источник: github

Github: Прошло ревью

CVSS3: 8.8

Описание

Apache ShenYu Admin has insecure permissions

Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3. Version 2.5.0 contains a patch for this issue.

Ссылки

Пакеты

Наименование

org.apache.shenyu:shenyu-common

maven

Затронутые версииВерсия исправления

>= 2.4.2, <= 2.4.3

2.5.0

EPSS

Процентиль: 40%

0.00186

Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-37435

Дефекты

CWE-732

Связанные уязвимости

CVE-2022-37435

CVSS3: 8.8

nvd

больше 3 лет назад

Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3.

EPSS

Процентиль: 40%

0.00186

Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-37435

Дефекты

CWE-732