Lucene search
K

8 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.53 views

K30671731: Apache Shiro vulnerability CVE-2022-40664

Security Advisory Description Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher. CVE-2022-40664 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development...

9.8CVSS9.1AI score0.0221EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 10:50 a.m.31 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to security bypass due to Apache Shiro (CVE-2022-40664)

Summary IBM Sterling Partner Engagement Manager has addressed a vulnerability that are published by Apache Shiro. Vulnerability Details CVEID:CVE-2022-40664 DESCRIPTION: Apache Shiro could allow a remote attacker to bypass security restrictions. By using RequestDispatcher when forwarding or...

9.8CVSS9.3AI score0.0221EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/10/12 12:0 p.m.6 views

org.apache.camel:camel-shiro (=2.5.0), org.apache.shiro.samples:samples-aspectj (=1.0.0-incubating) +29 more potentially affected by CVE-2022-40664 via org.apache.shiro:shiro-core (=1.0.0-incubating)

org.apache.shiro:shiro-core MAVEN version =1.0.0-incubating is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-core and may be impacted: - org.apache.camel:camel-shiro =2.5.0 - org.apache.shiro.samples:samples-aspectj...

9.8CVSS7.2AI score0.0221EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2022/10/12 7:15 a.m.24 views

CVE-2022-40664

Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher...

9.8CVSS7.2AI score0.0221EPSS
Exploits0References6
CVE
CVE
added 2022/10/12 12:0 a.m.147 views

CVE-2022-40664

CVE-2022-40664: Apache Shiro authentication bypass via RequestDispatcher forward/include. Described as a bypass vulnerability (Shiro before 1.10.0) with potential unauthorized access. The connected Broadcom/BSA entries reiterate the Shiro bypass detail; no explicit patch/version in these document...

9.8CVSS9.4AI score0.0221EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2022/10/12 12:0 a.m.128 views

CVE-2022-40664

Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher...

9.8CVSS9.5AI score0.0221EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/12 12:0 a.m.8 views

CVE-2022-40664 Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher

Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher...

9.5AI score0.0221EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/10/12 12:0 a.m.20 views

CVE-2022-40664 Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher

Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher...

9.6AI score0.0221EPSS
Exploits0References5
Rows per page
Query Builder