CVE-2023-34478 - OpenCVE

Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests. Mitigation: Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Shiro

Configuration 1 [-]

OR	cpe:2.3:a:apache:shiro::::::::
	cpe:2.3:a:apache:shiro:2.0.0:alpha1::::::
	cpe:2.3:a:apache:shiro:2.0.0:alpha2::::::

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/07/24/4
https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk
https://security.netapp.com/advisory/ntap-20230915-0005/

History

No history.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2023-07-24T18:24:45.619Z

Updated: 2024-08-02T16:10:07.042Z

Reserved: 2023-06-07T18:50:06.956Z

Link: CVE-2023-34478

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-07-24T19:15:10.630

Modified: 2023-09-15T14:15:10.560

Link: CVE-2023-34478

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-34478", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-06-07T18:50:06.956Z", "datePublished": "2023-07-24T18:24:45.619Z", "dateUpdated": "2024-08-02T16:10:07.042Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Shiro", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "1.12.0", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "2.0.0-alpha-3", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "tkswifty"}, {"lang": "en", "type": "finder", "value": "Ha1c9on"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, <span style=\"background-color: rgb(255, 255, 255);\">may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.<br><br><strong>Mitigation:</strong><span style=\"background-color: rgb(255, 255, 255);\"> Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+</span></span><br>"}], "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.\n\nMitigation:\u00a0Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+\n"}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-07-24T18:24:45.619Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk"}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/24/4"}, {"url": "https://security.netapp.com/advisory/ntap-20230915-0005/"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:10:07.042Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk"}, {"url": "http://www.openwall.com/lists/oss-security/2023/07/24/4", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230915-0005/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:shiro:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB0BFCA3-CB88-4DCC-9950-B8065EB192F9", "versionEndExcluding": "1.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:shiro:2.0.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "27D6F919-851F-470D-A8E7-0F56C1EA16FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:shiro:2.0.0:alpha2:*:*:*:*:*:*", "matchCriteriaId": "A759179A-E4A9-4A6A-9CCB-5BB9CC73F7E7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web frameworks that route requests based on non-normalized requests.\n\nMitigation:\u00a0Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+\n"}, {"lang": "es", "value": "Apache Shiro, antes de 1.12.0 o 2.0.0-alpha-3, puede ser susceptible a un ataque de Path Traversal que resulta en una omisi\u00f3n de autenticaci\u00f3n cuando se usa junto con API u otros marcos web que enrutan solicitudes basadas en solicitudes no normalizadas. Mitigaci\u00f3n: actualizaci\u00f3n a Apache Shiro 1.12.0+ o 2.0.0-alpha-3+ "}], "id": "CVE-2023-34478", "lastModified": "2023-09-15T14:15:10.560", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-24T19:15:10.630", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/07/24/4"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk"}, {"source": "security@apache.org", "url": "https://security.netapp.com/advisory/ntap-20230915-0005/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@apache.org", "type": "Primary"}]}