Apache Shiro is vulnerable to padding oracle attack. The attack is possible as it adopts RememberMe
configuration for cookies as a default and uses CBC mode of encryption, which would allow an attacker to perform a Java deserialization attack that results in remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
apache shiro :: cryptography :: ciphers | le | 1.4.1 | |
apache shiro :: cryptography :: ciphers | le | 1.4.1 |
issues.apache.org/jira/browse/SHIRO-721
lists.apache.org/thread.html/c9db14cfebfb8e74205884ed2bf2e2b30790ce24b7dde9191c82572c@%3Cdev.shiro.apache.org%3E
lists.apache.org/thread.html/r2d2612c034ab21a3a19d2132d47d3e4aa70105008dd58af62b653040@%3Ccommits.shiro.apache.org%3E
meterpreter.org/unpatch-apache-shiro-padding-oracle-remote-code-execution-vulnerability-alert/
www.mail-archive.com/[email protected]/msg04944.html