CyberRota
← Ana sayfaya dön

CVE-2026-49872

HIGH · CVSS 8.1 EPSS %0.32

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-19T14:16:23.917 · Çekilme zamanı: 2026-06-30T18:27:51.844411+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-49872
Severity
HIGH
CVSS
8.1
EPSS
%0.32
Apache

Orijinal NVD Açıklaması

Improper Authentication vulnerability in Apache APISIX. When the cas-auth plugin is used in a route, an attacker can possibly authenticate itself with credentials from a different source. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the issue.