{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31924", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2026-03-10T12:14:05.125Z", "datePublished": "2026-04-14T08:08:05.615Z", "dateUpdated": "2026-04-14T19:51:55.994Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache APISIX", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "3.15.0", "status": "affected", "version": "2.99.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Oleh Konko"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.</p>tencent-cloud-cls log export uses plaintext HTTP<br><p>This issue affects Apache APISIX: from 2.99.0 through 3.15.0.</p><p>Users are recommended to upgrade to version 3.16.0, which fixes the issue.</p>"}], "value": "Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.\n\ntencent-cloud-cls log export uses plaintext HTTP\nThis issue affects Apache APISIX: from 2.99.0 through 3.15.0.\n\nUsers are recommended to upgrade to version 3.16.0, which fixes the issue."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-04-14T08:08:05.615Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/sqxjjlt87c1q28db28ztdxylm5pgwohq"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/14/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-14T08:37:18.355Z"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T19:51:31.208191Z", "id": "CVE-2026-31924", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:51:55.994Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/04/14/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-14T08:37:18.355Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-31924", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T19:51:31.208191Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:51:48.320Z"}}], "cna": {"title": "Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Oleh Konko"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache APISIX", "versions": [{"status": "affected", "version": "2.99.0", "versionType": "semver", "lessThanOrEqual": "3.15.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://lists.apache.org/thread/sqxjjlt87c1q28db28ztdxylm5pgwohq", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.\n\ntencent-cloud-cls log export uses plaintext HTTP\nThis issue affects Apache APISIX: from 2.99.0 through 3.15.0.\n\nUsers are recommended to upgrade to version 3.16.0, which fixes the issue.", "supportingMedia": [{"type": "text/html", "value": "<p>Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.</p>tencent-cloud-cls log export uses plaintext HTTP<br><p>This issue affects Apache APISIX: from 2.99.0 through 3.15.0.</p><p>Users are recommended to upgrade to version 3.16.0, which fixes the issue.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2026-04-14T08:08:05.615Z"}}}, "cveMetadata": {"cveId": "CVE-2026-31924", "state": "PUBLISHED", "dateUpdated": "2026-04-14T19:51:55.994Z", "dateReserved": "2026-03-10T12:14:05.125Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2026-04-14T08:08:05.615Z", "assignerShortName": "apache"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA885B02-B64C-4946-AC4D-C8676B535381", "versionEndExcluding": "3.16.0", "versionStartIncluding": "2.99.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX.\n\ntencent-cloud-cls log export uses plaintext HTTP\nThis issue affects Apache APISIX: from 2.99.0 through 3.15.0.\n\nUsers are recommended to upgrade to version 3.16.0, which fixes the issue."}], "id": "CVE-2026-31924", "lastModified": "2026-04-17T18:38:47.130", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-14T09:16:35.953", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/sqxjjlt87c1q28db28ztdxylm5pgwohq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2026/04/14/2"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-319"}], "source": "security@apache.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.99.0,3.15.0]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Apache APISIX", "source": "cna", "vendor": "Apache Software Foundation"}, "product": "apisix", "vendor": "apache"}], "analysis": {"en": {"generated_at": "2026-04-14T21:52:40.567244+00:00", "value": {"mitigation_remediation": ["Upgrade Apache APISIX to version 3.16.0 or later as released by the vendor", "Verify that outbound log traffic to Tencent Cloud CLS no longer uses HTTP", "Monitor network traffic for any remaining plaintext log transmissions", "Keep Apache APISIX and its plugins updated regularly"], "summary": {"action": "Patch", "impact": "Cleartext transmission of sensitive information"}, "threat_synthesis": {"affected_systems": "Apache APISIX, released by the Apache Software Foundation, is affected in versions 2.99.0 through 3.15.0. Deployments that use the tencent-cloud-cls log export plugin in these versions are vulnerable unless mitigated.", "description_and_impact": "The vulnerability in Apache APISIX allows the tencent-cloud-cls log export plugin to transmit log data over unencrypted HTTP, exposing sensitive information in cleartext. This flaw permits an attacker to intercept the log traffic and view its contents, potentially revealing confidential data. The weakness maps to data being sent without encryption (CWE\u2011319) and does not lead to code execution or denial of service.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity, and the EPSS score of less than 1% signals a low probability of exploitation in the near term. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a network eavesdropper able to capture HTTP traffic between an APISIX instance and the Tencent Cloud CLS service, thereby obtaining the unencrypted log data."}}}}, "created": "2026-04-14T16:15:48.106453+00:00", "updated": "2026-04-15T15:30:06.832043+00:00", "vendors": ["apache", "apache$PRODUCT$apisix"]}