daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2021/CVE-2021-37580.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-02 14:58:29 -04:00
parent d9efc8c047
commit d59f879262
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2021/CVE-2021-37580.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2021-37580 id: CVE-2021-37580
info: info:
name: Apache ShenYu Admin JWT authentication bypass name: Apache ShenYu Admin JWT - Authentication Bypass
author: pdteam author: pdteam
severity: critical severity: critical
description: A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0 description: Apache ShenYu 2.3.0 and 2.4.0 allow Admin access without proper authentication. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication.
reference: reference:
- https://nvd.nist.gov/vuln/detail/CVE-2021-37580 - https://nvd.nist.gov/vuln/detail/CVE-2021-37580
- https://github.com/fengwenhua/CVE-2021-37580 - https://github.com/fengwenhua/CVE-2021-37580
@ -33,4 +33,6 @@ requests:
- type: status - type: status
status: status:
- 200 - 200
# Enhanced by mp on 2022/05/02