CVE-2022-23944

Summary

User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache ShenYu (incubating)Apache ShenYu (incubating) < 2.4.2affected

Weaknesses

  • CWE-862: CWE-862 Missing Authorization

ADP Enrichment

CVE Program Container

Additional References

References