HomePentest-Tools.com Logo

Apache ShenYu Admin Unauth Access CVE-2022-23944

Severity
CVSSv3 Score
9.1
Vulnerability description

Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.

Risk description

No risk description to display.

Recommendation

Upgrade to Apache ShenYu (incubating) 2.4.2 or apply the appropriate patch.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Jan 25, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available