Rewterz Threat Advisory – CVE-2020-17510 – Apache Shiro security bypass

Severity

High

Analysis Summary

Apache Shiro could allow a remote attacker to bypass security restrictions, caused by a flaw when using Spring. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to bypass access restrictions.

Impact

Bypass Security

Remediation

Upgrade to the latest version of Apache Shiro (1.7.0 or later).