Lucene search
Veracode Vulnerability DatabaseVERACODE:33893HistoryJan 26, 2022 - 3:52 a.m.
Missing Authentication
2022-01-2603:52:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.004 Low
EPSS
Percentile
74.4%
shenyu is vulnerable to missing authentication. The vulnerability exists due to a lack of validation in user authentication allows attackers to register for the gateway.
| CPE | Name | Operator | Version |
|---|---|---|---|
| shenyu-admin | le | 2.4.1 | |
| shenyu-admin | le | 2.4.1 |
References
www.openwall.com/lists/oss-security/2022/01/25/6
www.openwall.com/lists/oss-security/2022/01/26/3
github.com/apache/incubator-shenyu/commit/9a02215013037e1cc8cd41f216164628a9e9e28f#diff-826222746684d5523e8eaa53c48cfc008d8e9328f9a8e4fe23907d1836512c58
github.com/apache/incubator-shenyu/pull/2723
lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8s
Related
prion
prion
Authentication flaw
2022-01-25 13:15:00
cnvd
cnvd
Apache ShenYu Access Control Error Vulnerability (CNVD-2022-18269)
2022-01-27 00:00:00
cve
cve
CVE-2022-23945
2022-01-25 13:15:08
osv
osv
Missing authentication in ShenYu
2022-01-28 22:14:11
CVE-2022-23945
2022-01-25 13:15:08
cvelist
cvelist
nvd
nvd
CVE-2022-23945
2022-01-25 13:15:08
github
github
Missing authentication in ShenYu
2022-01-28 22:14:11