Language:
https://github.com/apache/apisix/blob/release/2.13/CHANGELOG.md#2130
https://lists.apache.org/thread/03vd2j81krxmpz6xo8p1dl642flpo6fv
Severity: Critical
ID: 161977
File Name: apache_apisix_cve-2022-25757.nasl
Version: 1.2
Type: remote
Family: Misc.
Published: 6/9/2022
Updated: 6/13/2022
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Factor: Medium
Score: 6.7
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2022-25757
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CPE: cpe:/a:apache:apisix
Required KB Items: installed_sw/Apache APISIX, Settings/ParanoidReport
Exploit Ease: No known exploits are available
Patch Publication Date: 3/28/2022
Vulnerability Publication Date: 3/28/2022
CVE: CVE-2022-25757