PT-2026-60109 · Apollo · Apollo
Published
2026-07-13
·
Updated
2026-07-15
·
CVE-2026-59954
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Apollo versions prior to 2.5.2
Description
Apollo ConfigService may allow unauthorized access to configuration data when AccessKey or management key authentication is enabled. The issue occurs because ConfigService can accept a non-canonical
appId variant during authentication, which may cause the system to treat the request as having no available secrets and bypass signature verification. However, downstream request handling may still resolve this variant to the protected app due to database collations that treat different values as equivalent, such as accent variants under accent-insensitive collations or trailing-space variants under PAD SPACE collations. This allows an unauthenticated remote attacker to read configuration data via the /configs and /configfiles endpoints.Recommendations
Update to version 2.5.2.
Fix
Improper Authentication
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apollo