Update CVE-2021-45232.yaml

patch-1
Prince Chaddha 2022-01-17 22:20:44 +05:30 committed by GitHub
parent f988ad8ff4
commit bc5fba6fbf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions

View File

@ -1,5 +1,4 @@
id: CVE-2021-45232 id: CVE-2021-45232
info: info:
name: Apache APISIX Dashboard api unauth access name: Apache APISIX Dashboard api unauth access
author: Mr-xn author: Mr-xn
@ -10,12 +9,13 @@ info:
- https://github.com/pingpongcult/CVE-2021-45232 - https://github.com/pingpongcult/CVE-2021-45232
- https://github.com/advisories/GHSA-wcxq-f256-53xp - https://github.com/advisories/GHSA-wcxq-f256-53xp
- https://twitter.com/403Timeout/status/1475715079173976066 - https://twitter.com/403Timeout/status/1475715079173976066
tags: cve,cve2021,apache,unauth,apisix - https://nvd.nist.gov/vuln/detail/CVE-2021-45232
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80 cvss-score: 9.80
cve-id: CVE-2021-45232 cve-id: CVE-2021-45232
cwe-id: CWE-306 cwe-id: CWE-306
tags: cve,cve2021,apache,unauth,apisix
requests: requests:
- method: GET - method: GET
@ -24,7 +24,6 @@ requests:
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
words: words:
- '"Consumers":' - '"Consumers":'