CVE-2022-37435

CVE-2022-37435: Apache ShenYu Admin Improper Privilege Management

Vendor Apache Software Foundation

Product Apache ShenYu

Weakness CWE-732

Published September 1, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4.2 and 2.4.3.

Key dates

Disclosure timeline

September 1, 2022 CVE published

August 3, 2024 Record updated