CVE-2022-24112 - Apache APISIX Authentication Bypass Vulnerability
Project:Apache
Product:APISIX
Date Added:2022-08-25Due Date:2022-09-15
Vulnerability Name
Apache APISIX Authentication Bypass Vulnerability
Description
Apache APISIX contains an authentication bypass vulnerability that allows for remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94
https://nvd.nist.gov/vuln/detail/CVE-2022-24112