Lucene search
ApacheCVELIST:CVE-2021-37580HistoryNov 16, 2021 - 9:35 a.m.
CVE-2021-37580 Apache ShenYu Admin bypass JWT authentication
2021-11-1609:35:11
CWE-287
apache
www.cve.org
A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0
CNA Affected
[
{
"product": "Apache ShenYu Admin",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache ShenYu Admin 2.3.0-2.4.0"
}
]
}
]Related
cve
cve
CVE-2021-37580
2021-11-16 10:15:07
checkpoint_advisories
checkpoint_advisories
Apache ShenYu Admin Authentication Bypass (CVE-2021-37580)
2021-12-28 00:00:00
nvd
nvd
CVE-2021-37580
2021-11-16 10:15:07
githubexploit
githubexploit
Exploit for Improper Authentication in Apache Shenyu
2021-11-19 09:00:37
Exploit for Improper Authentication in Apache Shenyu
2021-11-19 08:21:44
Exploit for Improper Authentication in Apache Shenyu
2021-11-19 06:49:35
github
github
Improper Authentication in Apache ShenYu Admin
2021-11-17 23:15:30
veracode
veracode
Privilege Escalation
2021-11-18 08:45:08
cnvd
cnvd
Apache ShenYu licensing issue vulnerability
2021-11-17 00:00:00
osv
osv
CVE-2021-37580
2021-11-16 10:15:07
Improper Authentication in Apache ShenYu Admin
2021-11-17 23:15:30
prion
prion
Authentication flaw
2021-11-16 10:15:00
nuclei
nuclei
Apache ShenYu Admin JWT - Authentication Bypass
2021-11-18 20:08:23