Apolloconfig: >> Apollo >> 2.2.0 Security Vulnerabilities
An issue in apollocongif apollo v.2.2.0 allows a remote attacker to obtain sensitive information via a crafted request.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-08-20
Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit enables them to modify a namespace without the necessary permissions. The issue was addressed with an input parameter check which was released in version 2.3.0.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-08-20