Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu.
ShenYu Admin allows low-privilege low-level administrators create users with higher privileges than their own.
This issue affects Apache ShenYu: 2.5.0.
Upgrade to Apache ShenYu 2.5.1 or apply patch https://github.com/apache/shenyu/pull/3958 https://github.com/apache/shenyu/pull/3958 .
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/42xxx/CVE-2022-42735.json",
"cwe_ids": [
"CWE-269"
],
"unresolved_ranges": [
{
"extracted_events": [
{
"last_affected": "2.5.0"
}
],
"source": "AFFECTED_FIELD"
}
],
"cna_assigner": "apache"
}