Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.
References
Configurations
History
07 Nov 2023, 03:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-02-03 17:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-17523
Mitre link : CVE-2020-17523
CVE.ORG link : CVE-2020-17523
JSON object : View
Products Affected
apache
- shiro
CWE
CWE-287
Improper Authentication