Описание
Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.
A flaw was found in Apache Shiro. An authentication bypass vulnerability occurs when forwarding or including via the RequestDispatcher.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat build of Apache Camel for Spring Boot 3 | shiro-core | Not affected | ||
| Red Hat Fuse 7 | shiro-core | Out of support scope | ||
| Red Hat Integration Camel K 1 | shiro-core | Not affected | ||
| Red Hat Integration Camel Quarkus 2 | shiro-core | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 7 | shiro-core | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 8 | shiro-core | Not affected | ||
| Red Hat JBoss Enterprise Application Platform Expansion Pack | shiro-core | Not affected | ||
| Red Hat JBoss Fuse 6 | shiro-core | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | shiro-core | Out of support scope | ||
| Red Hat OpenShift Application Runtimes | shiro-core | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-287
https://bugzilla.redhat.com/show_bug.cgi?id=2193469shiro: Authentication Bypass Vulnerability
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 3 лет назад
Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.
CVSS3: 9.8
nvd
больше 3 лет назад
Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.
CVSS3: 9.8
debian
больше 3 лет назад
Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shi ...
CVSS3: 9.8
github
больше 3 лет назад
Apache Shiro Authentication Bypass vulnerability
9.8 Critical
CVSS3