CVE-2020-1957

Summary

Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass.

Affected Software

VendorProductVersion RangeStatus
n/aApache ShiroApache Shiro to 1.5.2affected

Weaknesses

  • Authentication Bypass

ADP Enrichment

CVE Program Container

Additional References

References