Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/03/07 11:42 a.m.23 views

Security Bulletin: Vulnerability in Apache Shiro affects IBM WebSphere Service Registry and Repository

Summary A bypass access restrictions vulnerability in Apache Shiro CVE-2023-22602 affects IBM WebSphere Service Registry and Repository. This bulletin identifies the steps to take to address this vulnerability. Vulnerability Details CVEID:CVE-2023-22602 DESCRIPTION: Apache Shiro could allow a...

7.5CVSS7.4AI score0.01553EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/09/25 12:0 a.m.71 views

Apache Shiro < 1.11.0 Authentication Bypass

Apache Shiro before 1.11.0, when using Apache Shiro with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot 2.6 default to An...

7.5CVSS7.3AI score0.01553EPSS
Exploits0References2
NVD
NVD
added 2023/01/14 10:15 a.m.23 views

CVE-2023-22602

When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot 2.6 default to Ant sty...

7.5CVSS7.7AI score0.01553EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/01/14 10:15 a.m.35 views

CVE-2023-22602

When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot 2.6 default to Ant sty...

7.5CVSS7.1AI score0.01553EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/01/14 9:33 a.m.61 views

CVE-2023-22602

When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot 2.6 default to Ant sty...

7.5CVSS7.7AI score0.01553EPSS
Exploits0
OSV
OSV
added 2023/01/14 9:33 a.m.22 views

CVE-2023-22602 Apache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request

When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot 2.6 default to Ant sty...

7.5CVSS7AI score0.01553EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/01/14 9:33 a.m.18 views

CVE-2023-22602 Apache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request

When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot 2.6 default to Ant sty...

7AI score0.01553EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/14 9:33 a.m.40 views

CVE-2023-22602 Apache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request

When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot 2.6 default to Ant sty...

7.9AI score0.01553EPSS
Exploits0References1
Rows per page
Query Builder