6 matches found
Apache Shiro < 1.8.0 Authentication Bypass
Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...
CVE-2021-41303
Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0...
CVE-2021-41303
Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0...
CVE-2021-41303
Apache Shiro prior to 1.8.0 (when used with Spring Boot) is affected by an authentication bypass via specially crafted HTTP requests. The CVE-2021-41303 entry notes a high/critical impact (C:H/I:H/A:H in CVSS 3.1) and recommends upgrading to Apache Shiro 1.8.0 or later to remediate. Connected doc...
CVE-2021-41303 Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass
Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0...
CVE-2021-41303
Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0...