Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:36910
HistorySep 02, 2022 - 7:43 a.m.

Privilege Escalation

2022-09-0207:43:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
privilege escalation
vulnerability
dashboardusercontroller

EPSS

0.001

Percentile

44.5%

JSON

shenyu-admin is vulnerable to privilege escalation. The vulnerability exists in modifyPassword function in DashboardUserController.java because it allows a low-permission administrator to modify high-permission administrator passwords which allows the attacker to perform unauthorized actions.

Related

cvelist 1
osv 2
cve 1
prion 1
github 1
nvd 1
cvelist
cvelist
CVE-2022-37435 Apache ShenYu Admin Improper Privilege Management
2022-09-01 14:00:14
osv
osv
CVE-2022-37435
2022-09-01 14:15:10
Apache ShenYu Admin has insecure permissions
2022-09-02 00:01:09
cve
cve
CVE-2022-37435
2022-09-01 14:15:10
prion
prion
Design/Logic Flaw
2022-09-01 14:15:00
github
github
Apache ShenYu Admin has insecure permissions
2022-09-02 00:01:09
nvd
nvd
CVE-2022-37435
2022-09-01 14:15:10

EPSS

0.001

Percentile

44.5%

JSON
Related for VERACODE:36910
cvelist1osv2cve1prion1github1nvd1