Lucene search
Veracode Vulnerability DatabaseVERACODE:27527HistoryOct 05, 2020 - 4:13 a.m.
Exposed API
2020-10-0504:13:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
api security
access controls
internet exposure
configuration vulnerability
EPSS
0.001
Percentile
49.3%
apollo-core does not provide secure access controls to the APIs. When exposed to the Internet, the lack of access controls allow any remote user to access and edit the application’s configuration.
Related
cvelist
cvelist
CVE-2020-15170 Missing access control in apollo-adminservice
2020-09-10 18:40:14
gitlab
gitlab
Improper Input Validation
2020-09-10 00:00:00
osv
osv
Potential access control security issue in apollo-adminservice
2020-10-02 16:33:41
CVE-2020-15170
2020-09-10 19:15:13
prion
prion
Design/Logic Flaw
2020-09-10 19:15:00
cve
cve
CVE-2020-15170
2020-09-10 19:15:13
github
github
Potential access control security issue in apollo-adminservice
2020-10-02 16:33:41
nvd
nvd
CVE-2020-15170
2020-09-10 19:15:13