9.8
CVE-2022-24112
- EPSS 94.44%
- Published 11.02.2022 13:15:08
- Last modified 06.03.2025 19:48:51
- Source security@apache.org
- Teams watchlist Login
- Open Login
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed.
Data is provided by the National Vulnerability Database (NVD)
25.08.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Apache APISIX Authentication Bypass Vulnerability
VulnerabilityApache APISIX contains an authentication bypass vulnerability that allows for remote code execution.
DescriptionApply updates per vendor instructions.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 94.44% | 1 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-290 Authentication Bypass by Spoofing
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.