2 matches found
CVE-2024-6834
A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected signing proxied request by Zowe's client certificate. This allows access to a user to the endpoints requiring an internal client certificate without any credentials. It could lead to managing components in...
CVE-2024-6834
APIML Spring Cloud Gateway is affected by a vulnerability where proxy requests are unexpectedly signed with Zowe’s client certificate, allowing non-privileged users to access endpoints that require an internal client certificate without any credentials. This can enable an attacker to manage compo...