CVE-2022-42735

CVSS v3.1 8.8 (High)

EPSS 0.22 % (61^th)

Affected Products 1

Advisories 1

Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu.

ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own.

This issue affects Apache ShenYu: 2.5.0.

Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 .

Weaknesses

CWE-269: Improper Privilege Management

CVE Status: PUBLISHED
CNA: Apache Software Foundation
Published Date: 2023-02-15 10:15:16
(19 months ago)
Updated Date: 2023-11-07 03:53:25
(10 months ago)

Affected Products

Apache

Shenyu

Configuration #1

		CPE23	From	Up To
	Apache Shenyu 2.5.0	cpe:2.3:a:apache:shenyu:2.5.0