Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Izanami is vulnerable to Authorization Bypass
Vulnerability Description
Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用候选路径或通道进行的认证绕过
Vulnerability Title
Izanami 信任管理问题漏洞
Vulnerability Description
Izanami是一个共享配置、功能翻转和 A/B 测试服务器,非常适合微服务架构实现。 Izanami 1.11.0之前版本存在安全漏洞,该漏洞源于当使用官方Docker镜像部署时,攻击者可以绕过此应用程序中的身份验证。
CVSS Information
N/A
Vulnerability Type
N/A