Apache ShenYu, an asynchronous, high-performance, cross-language, responsive API gateway from the Apache Foundation, is vulnerable to an access control error in Apache ShenYu versions 2.4.0 and 2.4.1, which stems from a lack of authentication in ShenYu Admin when registering via HTTP. An attacker could exploit this vulnerability to cause unauthorized access to system data or functionality.
CPE | Name | Operator | Version |
---|---|---|---|
apache shenyu | eq | 2.4.0 | |
apache shenyu | eq | 2.4.1 |