PT-2022-11790 · Nacos · Nacos

Published 2022-07-05 · Updated 2023-04-03 · CVE-2021-43116

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Nacos version 2.0.3
Description: An access control issue exists in the access prompt (login) page. A malicious user can log in by capturing the login request, entering a username and password, clicking Login, and then modifying the returned packet (the server's response) so that the client treats the login as successful.
Recommendations: For Nacos version 2.0.3, consider temporarily restricting access to the login functionality until a patch is available. As a workaround, monitor network traffic for suspicious modifications of login responses to reduce the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Authentication

Using Hardcoded Credentials


Weakness Enumeration

Related Identifiers

CVE-2021-43116
GHSA-2G86-R6W2-WQQR

Affected Products

Nacos