CVE-2020-15170
CVE-2020-15170 affects apollo-adminservice prior to version 1.7.1, which does not implement access controls. Several trusted sources indicate that exposing apollo-adminservice to the Internet can allow direct access to APIs, enabling reading/editing of application configurations. The root cause i...