CVE-2022-37435

Improper Privilege Management in maven/org.apache.shenyu/shenyu-admin

Identifiers

CVE-2022-37435

Package Slug

maven/org.apache.shenyu/shenyu-admin

Vulnerability

Improper Privilege Management

Description

Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3.

Affected Versions

All versions starting from 2.4.2 up to 2.4.3

Solution

Upgrade to version 2.5.0 or above.

Last Modified

2022-09-12

source