Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM607040F58DA4793E739F08EA2C0296DFB8A3D91BFF1561FDED37EED2FF40B649
HistoryNov 18, 2020 - 9:15 p.m.

Security Bulletin: Apache Shiro as used by Master Console is vulnerable to improper acceess control (CVE-2020-13933)

2020-11-1821:15:06
www.ibm.com
12

0.002 Low

EPSS

Percentile

55.7%

JSON

Summary

Apache Shiro as used by Master Console is vulnerable to improper acceess control

Vulnerability Details

CVEID:CVE-2020-13933
**DESCRIPTION:**Apache Shiro could allow a remote attacker to bypass security restrictions, caused by improper authentication validation. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to bypass access restrictions.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186901 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
Master Console 0.7.0 - 1.0.0

Remediation/Fixes

Master Console 1.0.1

Workarounds and Mitigations

None

Related

githubexploit 2
cve 1
prion 1
debiancve 1
veracode 1
osv 4
nessus 3
cvelist 1
github 1
redhatcve 1
ubuntucve 1
nvd 1
openvas 2
debian 1
ubuntu 1
redhat 2
ibm 2
githubexploit
githubexploit
Exploit for Vulnerability in Apache Shiro
2020-09-23 01:55:46
Exploit for Vulnerability in Apache Shiro
2020-09-09 10:20:25
cve
cve
CVE-2020-13933
2020-08-17 21:15:11
prion
prion
Authentication flaw
2020-08-17 21:15:00
debiancve
debiancve
CVE-2020-13933
2020-08-17 21:15:11
veracode
veracode
Authentication Bypass
2020-08-18 03:02:25
osv
osv
CVE-2020-13933
2020-08-17 21:15:00
Authentication bypass in Apache Shiro
2021-05-07 15:54:23
shiro vulnerabilities
2023-09-07 01:36:55
nessus
nessus
Apache Shiro < 1.6.0 Authentication Bypass
2022-06-01 00:00:00
Ubuntu 18.04 ESM / 20.04 LTS : Apache Shiro vulnerabilities (USN-6352-1)
2023-09-07 00:00:00
Debian DLA-2726-1 : shiro - LTS security update
2021-08-05 00:00:00
cvelist
cvelist
CVE-2020-13933
2020-08-17 20:19:53
github
github
Authentication bypass in Apache Shiro
2021-05-07 15:54:23
redhatcve
redhatcve
CVE-2020-13933
2020-08-18 19:45:28
ubuntucve
ubuntucve
CVE-2020-13933
2020-08-17 00:00:00
nvd
nvd
CVE-2020-13933
2020-08-17 21:15:11
openvas
openvas
Ubuntu: Security Advisory (USN-6352-1)
2023-09-08 00:00:00
Debian: Security Advisory (DLA-2726-1)
2021-08-03 00:00:00
debian
debian
[SECURITY] [DLA 2726-1] shiro security update
2021-08-02 22:10:13
ubuntu
ubuntu
Apache Shiro vulnerabilities
2023-09-07 00:00:00
redhat
redhat
(RHSA-2021:0384) Important: Red Hat JBoss Fuse/A-MQ 6.3 R18 security and bug fix update
2021-02-02 14:19:22
(RHSA-2020:5568) Important: Red Hat Fuse 7.8.0 release and security update
2020-12-16 12:07:05
ibm
ibm
Security Bulletin: IBM Cognos Analytics with Watson 11.2.1 has addressed multiple vulnerabilities
2021-10-14 21:21:20
Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities
2021-09-24 16:54:42

0.002 Low

EPSS

Percentile

55.7%

JSON
Related for 607040F58DA4793E739F08EA2C0296DFB8A3D91BFF1561FDED37EED2FF40B649
githubexploit2cve1prion1debiancve1veracode1osv4nessus3cvelist1github1redhatcve1ubuntucve1nvd1openvas2debian1ubuntu1redhat2ibm2