Rewterz Threat Alert – Bitter APT Group – IOCs
February 2, 2021Rewterz Threat Advisory – CVE-2021-25249 – Trend Micro Apex One privilege escalation
February 2, 2021Rewterz Threat Alert – Bitter APT Group – IOCs
February 2, 2021Rewterz Threat Advisory – CVE-2021-25249 – Trend Micro Apex One privilege escalation
February 2, 2021Severity
High
Analysis Summary
CVE-2020-17523
Apache Shiro could allow a remote attacker to bypass security restrictions, caused by improper authenticated validation when using with Spring. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to bypass access restrictions.
Impact
Security bypass
Affected Vendors
Apache
Affected Products
Apache Shiro 1.7.0
Remediation
Upgrade to the latest version of Apache Shiro (1.7.1 or later)