Medium
CVE-2022-37435
Apache ShenYu could allow a remote authenticated attacker to bypass security restrictions, caused by improper privilege management. By sending a specially-crafted request, an attacker could exploit this vulnerability to modify passwords for a high-privilege administrator.
Apache
Upgrade to the latest version of Apache ShenYu, available from the Apache Website.