Lucene search

Potential access control security issue in apollo-adminservice

🗓️ 02 Oct 2020 16:41:33Reported by GitHub Advisory DatabaseType

Potential access control issue in apollo-adminservice. Exposing to internet may lead to unauthorized access/edit of configuration

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
GitLab Advisory Database	Improper Input Validation	10 Sep 202000:00	–	gitlab
OSV	Potential access control security issue in apollo-adminservice	2 Oct 202016:33	–	osv
OSV	CVE-2020-15170	10 Sep 202019:15	–	osv
Veracode	Exposed API	5 Oct 202004:13	–	veracode
Cvelist	CVE-2020-15170 Missing access control in apollo-adminservice	10 Sep 202018:40	–	cvelist
NVD	CVE-2020-15170	10 Sep 202019:15	–	nvd
RedhatCVE	CVE-2020-15170	5 Feb 202514:50	–	redhatcve
Prion	Design/Logic Flaw	10 Sep 202019:15	–	prion
CVE	CVE-2020-15170	10 Sep 202019:15	–	cve

Vulners

Node

com.ctrip.framework.apollo apollo-coreRange<1.7.1

Source	Link
github	www.github.com/ctripcorp/apollo/security/advisories/GHSA-xpmx-h7xq-xffh
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-15170
github	www.github.com/ctripcorp/apollo/pull/3233/commits/ae9ba6cfd32ed80469f162e5e3583e2477862ddf
github	www.github.com/advisories/GHSA-xpmx-h7xq-xffh

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Oct 2020 16:33Current

2.6Low risk

Vulners AI Score2.6

CVSS26.8

CVSS37

EPSS0.00276

CWE-20