CVE-2020-17510
Missing Authentication for Critical Function in maven/org.apache.shiro/shiro-all
Identifiers
CVE-2020-17510
Package Slug
maven/org.apache.shiro/shiro-all
Vulnerability
Missing Authentication for Critical Function
Description
Apache Shiro, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.
Affected Versions
All versions before 1.7.0
Solution
Upgrade to version 1.7.0 or above.
Last Modified
2020-11-16
| source |