CVE-2023-44312: Apache ServiceComb Service-Center: attacker can query all environment variables of the service-center server

bismy Tue, 30 Jan 2024 23:58:50 -0800

Affected versions:

- Apache ServiceComb Service-Center through 2.1.0


Description:

Exposure of Sensitive Information to an Unauthorized Actor in Apache 
ServiceComb Service-Center.This issue affects Apache ServiceComb Service-Center 
before 2.1.0 (include).

Users are recommended to upgrade to version 2.2.0, which fixes the issue.

Credit:

?? ?? <suanw...@hotmail.com> (finder)

References:

https://servicecomb.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-44312</suanw...@hotmail.com>

CVE-2023-44312: Apache ServiceComb Service-Center: attacker can query all environment variables of the service-center server

Reply via email to