3 matches found
CVE-2021-29441
Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication -Dnacos.core.auth.enabled=true Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor...
The vulnerability of the AuthFilter component in the Nacos software platform allows attackers to increase their privileges.
The vulnerability of the AuthFilter component in the Nacos software platform involves bypassing authentication through spoofing. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...
PT-2021-3840
Name of the Vulnerable Software and Affected Versions Nacos versions prior to 1.4.1 Description The issue is related to the AuthFilter component of the Nacos platform, which can be exploited to bypass authentication through spoofing. This may allow a remote attacker to elevate their privileges. T...