Description

It's possible to access the APISIX's Admin API by using the default access token. Therefore, an attacker can interact with the server as an administrator which leads to takeover of the server.

Remediation

Change the default access token and restrict access to API

References

CVE-2020-13945: Apache APISIX's Admin API default access token vulnerability

CVE-2022-24112: Apache APISIX: apisix/batch-requests plugin allows overwriting the X-REAL-IP header

Related Vulnerabilities

MySQL CVE-2023-22097 Vulnerability (CVE-2023-22097)

Nginx Off-by-one Error Vulnerability (CVE-2021-23017)

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-7568)

Contao Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10125)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-7192)

Severity

Medium

Classification

CVE-2020-13945 CVE-2022-24112 CWE-259 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A

Tags

Default Credentials Insecure Admin Access Known Vulnerabilities