Skip to main content

Apollo

7 CVEs product

Monthly

CVE-2024-43397 Maven MEDIUM PATCH This Month

Apollo is a configuration management system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Apollo
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-42662 HIGH This Week

An issue in apollocongif apollo v.2.2.0 allows a remote attacker to obtain sensitive information via a crafted request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apollo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-4962 MEDIUM POC This Month

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Apollo
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-25570 Maven HIGH PATCH This Week

Apollo is a configuration management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Apollo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-25569 Maven MEDIUM PATCH This Month

Apollo is a configuration management system. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Apollo
NVD GitHub
CVSS 3.1
5.7
EPSS
0.4%
CVE-2020-15170 Maven HIGH PATCH This Week

apollo-adminservice before version 1.7.1 does not implement access controls. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Apollo
NVD GitHub
CVSS 3.1
7.0
EPSS
1.3%
CVE-2019-10686 Maven CRITICAL Act Now

An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Apollo
NVD GitHub
CVSS 3.0
10.0
EPSS
1.6%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Apollo is a configuration management system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Apollo
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

An issue in apollocongif apollo v.2.2.0 allows a remote attacker to obtain sensitive information via a crafted request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apollo
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC This Month

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Apollo
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Apollo is a configuration management system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Apollo
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Apollo is a configuration management system. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Apollo
NVD GitHub
EPSS 1% CVSS 7.0
HIGH PATCH This Week

apollo-adminservice before version 1.7.1 does not implement access controls. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Apollo
NVD GitHub
EPSS 2% CVSS 10.0
CRITICAL Act Now

An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Apollo
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy