logo

CVE-2022-24112 - Apache APISIX Authentication Bypass Vulnerability

CVE-2022-24112

Apache | APISIX

  • Date Added:
  • 2022-08-25
  • Due Date:
  • 2022-09-15
Vulnerability Name

Apache APISIX Authentication Bypass Vulnerability

Description

Apache APISIX contains an authentication bypass vulnerability that allows for remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://lists.apache.org/thread/lcdqywz8zy94mdysk7p3gfdgn51jmt94; https://nvd.nist.gov/vuln/detail/CVE-2022-24112

Free online web security scanner