CVE-2021-41303

Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Users should update to Apache Shiro 1.8.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*

Information

Published : 2021-09-17 02:15

Updated : 2021-12-01 06:20


NVD link : CVE-2021-41303

Mitre link : CVE-2021-41303


JSON object : View

CWE
CWE-287

Improper Authentication

Products Affected

apache

  • shiro