CVE-2021-41303

Improper Authentication in maven/org.apache.shiro/shiro-spring-boot-web-starter

Identifier

CVE-2021-41303

Package Slug

maven/org.apache.shiro/shiro-spring-boot-web-starter

Vulnerability

Improper Authentication

Description

When using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass.

Affected Versions

All versions before 1.8.0

Solution

Upgrade to version 1.8.0 or above.

Last Modified

2021-09-30

source