Rewterz Threat Alert – PatchWork APT Group Targeting Pakistan – Active IOCs
September 2, 2022Rewterz Threat Advisory – Multiple Mozilla Thunderbird Vulnerabilities
September 2, 2022Rewterz Threat Alert – PatchWork APT Group Targeting Pakistan – Active IOCs
September 2, 2022Rewterz Threat Advisory – Multiple Mozilla Thunderbird Vulnerabilities
September 2, 2022Severity
Medium
Analysis Summary
CVE-2022-37435
Apache ShenYu could allow a remote authenticated attacker to bypass security restrictions, caused by improper privilege management. By sending a specially-crafted request, an attacker could exploit this vulnerability to modify passwords for a high-privilege administrator.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-37435
Affected Vendors
Apache
Affected Products
- Apache ShenYu 2.4.2
- Apache ShenYu 2.4.3
Remediation
Upgrade to the latest version of Apache ShenYu, available from the Apache Website.