CVE-2022-37435
HIGH8.8EPSS 0.52%Apache ShenYu Admin has insecure permissions
Published: 9/2/2022Modified: 2/16/2024
Also known as:GHSA-fjjw-82xw-vfc2
Description
Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3. Version 2.5.0 contains a patch for this issue.
Affected packages (1)
- Maven/org.apache.shenyu:shenyu-common>= 2.4.2, < 2.5.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |