CVE-2010-3863

Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0020.html	Exploit
http://www.securityfocus.com/bid/44616	Exploit
http://secunia.com/advisories/41989	Vendor Advisory
http://osvdb.org/69067
http://www.vupen.com/english/advisories/2010/2888
https://exchange.xforce.ibmcloud.com/vulnerabilities/62959
http://www.securityfocus.com/archive/1/514616/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:shiro::::::::
	cpe:2.3:a:jsecurity:jsecurity:0.9.0:::::::*

Information

Published : 2010-11-05 10:00

Updated : 2018-10-10 13:05

NVD link : CVE-2010-3863

Mitre link : CVE-2010-3863

JSON object : View

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Products Affected

jsecurity

jsecurity

apache

shiro

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0020.html", "name": "20101102 CVE-2010-3863: Apache Shiro information disclosure vulnerability", "tags": ["Exploit"], "refsource": "FULLDISC"}, {"url": "http://www.securityfocus.com/bid/44616", "name": "44616", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/41989", "name": "41989", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://osvdb.org/69067", "name": "69067", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2010/2888", "name": "ADV-2010-2888", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62959", "name": "shiro-filters-security-bypass(62959)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/514616/100/0/threaded", "name": "20101103 CVE-2010-3863: Apache Shiro information disclosure vulnerability", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-22"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-3863", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-11-05T17:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.0.0"}, {"cpe23Uri": "cpe:2.3:a:jsecurity:jsecurity:0.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-10T20:05Z"}

5.0 /10