cvedb.io
CVE-2023-22495
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2023-01-14T01:15:15.300 · Last modified 2026-06-17T05:35:35.077

Summary

Izanami is a shared configuration service well-suited for micro-service architecture implementation. Attackers can bypass the authentication in this application when deployed using the official Docker image. Because a hard coded secret is used to sign the authentication token (JWT), an attacker could compromise another instance of Izanami. This issue has been patched in version 1.11.0.

Affected products

maif — izanami

Does this affect you?

Add your gear to cvedb and we'll alert you only when maif ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.