CVE-2020-17510

Missing Authentication for Critical Function in maven/org.apache.shiro/shiro-all

Identifier

CVE-2020-17510

Package Slug

maven/org.apache.shiro/shiro-all

Vulnerability

Missing Authentication for Critical Function

Description

Apache Shiro, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.

Affected Versions

All versions before 1.7.0

Solution

Upgrade to version 1.7.0 or above.

Last Modified

2020-11-16

source