CVE-2023-22495

by Fred · 13/01/2023

Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0.

Date published : 2023-01-13

https://github.com/MAIF/izanami/releases/tag/v1.11.0

https://github.com/MAIF/izanami/security/advisories/GHSA-9r7j-m337-792c

CVE-2023-22495

Similar

Recent Posts

Categories

CVE-2023-22495

Share this:

Similar

Recent Posts

Categories

Tags