OpenCVE

Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests. Mitigation: Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Apache	Shiro

Configuration 1 [-]

OR	cpe:2.3:a:apache:shiro::::::::
	cpe:2.3:a:apache:shiro:2.0.0:alpha1::::::
	cpe:2.3:a:apache:shiro:2.0.0:alpha2::::::

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/07/24/4
https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk
https://security.netapp.com/advisory/ntap-20230915-0005/

History

Wed, 02 Oct 2024 19:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-07-24T18:24:45.619Z

Updated: 2024-10-02T18:29:59.782Z

Reserved: 2023-06-07T18:50:06.956Z

Link: CVE-2023-34478

Vulnrichment

Updated: 2024-08-02T16:10:07.042Z

NVD

Status : Modified

Published: 2023-07-24T19:15:10.630

Modified: 2024-11-21T08:07:20.607

Link: CVE-2023-34478

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-34478", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-06-07T18:50:06.956Z", "datePublished": "2023-07-24T18:24:45.619Z", "dateUpdated": "2024-10-02T18:29:59.782Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Shiro", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "1.12.0", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "2.0.0-alpha-3", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "tkswifty"}, {"lang": "en", "type": "finder", "value": "Ha1c9on"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, <span style=\"background-color: rgb(255, 255, 255);\">may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.<br><br><strong>Mitigation:</strong><span style=\"background-color: rgb(255, 255, 255);\"> Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+</span></span><br>"}], "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.\n\nMitigation:\u00a0Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+\n"}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-24T18:24:45.619Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk"}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/24/4"}, {"url": "https://security.netapp.com/advisory/ntap-20230915-0005/"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:10:07.042Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk"}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/24/4", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230915-0005/", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "apache", "product": "shiro", "cpes": ["cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.12.0", "versionType": "custom"}]}, {"vendor": "apache", "product": "shiro", "cpes": ["cpe:2.3:a:apache:shiro:2.0.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:apache:shiro:2.0.0:alpha1:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.0.0alpha1", "status": "affected"}, {"version": "2.0.0alpha2", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-02T18:25:43.914210Z", "id": "CVE-2023-34478", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-02T18:29:59.782Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/24/4", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230915-0005/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:10:07.042Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-34478", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-02T18:25:43.914210Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*"], "vendor": "apache", "product": "shiro", "versions": [{"status": "affected", "version": "0", "lessThan": "1.12.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:apache:shiro:2.0.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:apache:shiro:2.0.0:alpha1:*:*:*:*:*:*"], "vendor": "apache", "product": "shiro", "versions": [{"status": "affected", "version": "2.0.0alpha1"}, {"status": "affected", "version": "2.0.0alpha2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-02T18:29:48.657Z"}}], "cna": {"title": "Apache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "tkswifty"}, {"lang": "en", "type": "finder", "value": "Ha1c9on"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "important"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Shiro", "versions": [{"status": "affected", "version": "0", "lessThan": "1.12.0", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "2.0.0-alpha-3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/24/4"}, {"url": "https://security.netapp.com/advisory/ntap-20230915-0005/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.\n\nMitigation:\u00a0Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+\n", "supportingMedia": [{"type": "text/html", "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, <span style=\"background-color: rgb(255, 255, 255);\">may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.<br><br><strong>Mitigation:</strong><span style=\"background-color: rgb(255, 255, 255);\"> Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+</span></span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-24T18:24:45.619Z"}}}, "cveMetadata": {"cveId": "CVE-2023-34478", "state": "PUBLISHED", "dateUpdated": "2024-10-02T18:29:59.782Z", "dateReserved": "2023-06-07T18:50:06.956Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2023-07-24T18:24:45.619Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB0BFCA3-CB88-4DCC-9950-B8065EB192F9", "versionEndExcluding": "1.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:shiro:2.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "27D6F919-851F-470D-A8E7-0F56C1EA16FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:shiro:2.0.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "A759179A-E4A9-4A6A-9CCB-5BB9CC73F7E7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.\n\nMitigation:\u00a0Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+\n"}, {"lang": "es", "value": "Apache Shiro, antes de 1.12.0 o 2.0.0-alpha-3, puede ser susceptible a un ataque de Path Traversal que resulta en una omisi\u00f3n de autenticaci\u00f3n cuando se usa junto con API u otros marcos web que enrutan solicitudes basadas en solicitudes no normalizadas. Mitigaci\u00f3n: actualizaci\u00f3n a Apache Shiro 1.12.0+ o 2.0.0-alpha-3+ "}], "id": "CVE-2023-34478", "lastModified": "2024-11-21T08:07:20.607", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-07-24T19:15:10.630", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/07/24/4"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk"}, {"source": "security@apache.org", "url": "https://security.netapp.com/advisory/ntap-20230915-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/07/24/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20230915-0005/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@apache.org", "type": "Secondary"}]}