{"schema_version": "1.6.1", "id": "CVE-2022-37435", "summary": "Apache ShenYu Admin Improper Privilege Management", "details": "Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords.\nThis issue affects Apache ShenYu 2.4.2 and 2.4.3.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "2.4.2 and 2.4.3"}, {"last_affected": "2.4.2 and 2.4.3"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread/ndblyxr2fdrvjtgbs1bogxgv2cgk7t28"}]}