CVE-2021-37580

Improper Authentication in maven/org.apache.shenyu/shenyu-admin

Identifiers

CVE-2021-37580

Package Slug

maven/org.apache.shenyu/shenyu-admin

Vulnerability

Improper Authentication

Description

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication.

Affected Versions

All versions starting from 2.3.0 up to 2.4.0

Solution

Upgrade to version 2.4.1 or above.

Last Modified

2021-11-19

source