Lucene search
PRIOn knowledge basePRION:CVE-2023-46749HistoryJan 15, 2024 - 10:15 a.m.
Path traversal
2024-01-1510:15:00
PRIOn knowledge base
www.prio-n.com
5
apache shiro
path traversal
authentication bypass
path rewriting
mitigation
nvd
Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting
Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure blockSemicolon is enabled (this is the default).
| CPE | Name | Operator | Version |
|---|---|---|---|
| shiro | eq | 2.0.0 alpha2 | |
| shiro | eq | 2.0.0 alpha1 | |
| shiro | eq | 2.0.0 alpha3 | |
| shiro | lt | 1.13.0 |
Related
ubuntucve
ubuntucve
CVE-2023-46749
2024-01-15 00:00:00
cvelist
cvelist
cve
cve
CVE-2023-46749
2024-01-15 10:15:26
redhatcve
redhatcve
CVE-2023-46749
2024-01-12 21:30:54
osv
osv
Apache Shiro vulnerable to path traversal
2024-01-15 12:30:19
CVE-2023-46749
2024-01-15 10:15:26
veracode
veracode
Path Traversal
2024-01-16 05:48:38
github
github
Apache Shiro vulnerable to path traversal
2024-01-15 12:30:19
nvd
nvd
CVE-2023-46749
2024-01-15 10:15:26
debiancve
debiancve
CVE-2023-46749
2024-01-15 10:15:26
redhat
redhat
(RHSA-2024:3354) Important: Red Hat Fuse 7.13.0 release and security update
2024-05-23 22:44:00
ibm
ibm