PT-2026-60109 · Apollo · Apollo

Published

2026-07-13

·

Updated

2026-07-15

·

CVE-2026-59954

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Apollo versions prior to 2.5.2
Description Apollo ConfigService may allow unauthorized access to configuration data when AccessKey or management key authentication is enabled. The issue occurs because ConfigService can accept a non-canonical appId variant during authentication, which may cause the system to treat the request as having no available secrets and bypass signature verification. However, downstream request handling may still resolve this variant to the protected app due to database collations that treat different values as equivalent, such as accent variants under accent-insensitive collations or trailing-space variants under PAD SPACE collations. This allows an unauthenticated remote attacker to read configuration data via the /configs and /configfiles endpoints.
Recommendations Update to version 2.5.2.

Fix

Improper Authentication

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-59954
GHSA-4W3Q-QPFQ-V992

Affected Products

Apollo