CVE-2020-13945 is a vulnerability in Apache Apisix
Published on December 7, 2020

In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.

NVD

Products Associated with CVE-2020-13945

Want to know whenever a new CVE is published for Apache Apisix? stack.watch will email you.

Apache Apisix

Affected Versions

Apache Software Foundation Apache APISIX:

Version 1.2 is affected.
Version 1.3 is affected.
Version 1.4 is affected.
Version 1.5 is affected.

Exploit Probability

EPSS

93.43%

Percentile

99.82%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-13945 is a vulnerability in Apache ApisixPublished on December 7, 2020

Products Associated with CVE-2020-13945

Affected Versions

Exploit Probability

CVE-2020-13945 is a vulnerability in Apache Apisix
Published on December 7, 2020