Lucene search
China National Vulnerability DatabaseCNVD-2021-89682HistoryNov 17, 2021 - 12:00 a.m.
Apache ShenYu licensing issue vulnerability
2021-11-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.932 High
EPSS
Percentile
99.1%
Apache ShenYu is an asynchronous, high-performance, cross-language, responsive API gateway from the Apache Foundation.An authorization issue vulnerability exists in Apache ShenYu Admin, which stems from a misuse of JWT in ShenuAdminBootstrap allowing an attacker to bypass authentication. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache shenyu | eq | 2.3.0 | |
| apache shenyu | eq | 2.4.0 |
Related
cve
cve
CVE-2021-37580
2021-11-16 10:15:07
checkpoint_advisories
checkpoint_advisories
Apache ShenYu Admin Authentication Bypass (CVE-2021-37580)
2021-12-28 00:00:00
cvelist
cvelist
CVE-2021-37580 Apache ShenYu Admin bypass JWT authentication
2021-11-16 09:35:11
nvd
nvd
CVE-2021-37580
2021-11-16 10:15:07
githubexploit
githubexploit
Exploit for Improper Authentication in Apache Shenyu
2021-11-19 09:00:37
Exploit for Improper Authentication in Apache Shenyu
2021-11-19 08:21:44
Exploit for Improper Authentication in Apache Shenyu
2021-11-19 06:49:35
github
github
Improper Authentication in Apache ShenYu Admin
2021-11-17 23:15:30
veracode
veracode
Privilege Escalation
2021-11-18 08:45:08
osv
osv
CVE-2021-37580
2021-11-16 10:15:07
Improper Authentication in Apache ShenYu Admin
2021-11-17 23:15:30
prion
prion
Authentication flaw
2021-11-16 10:15:00
nuclei
nuclei
Apache ShenYu Admin JWT - Authentication Bypass
2021-11-18 20:08:23