November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – Multiple Adobe InDesign Vulnerabilities
January 17, 2023Rewterz Threat Advisory – CVE-2022-44510 – Adobe Experience Manager Vulnerability
January 17, 2023Rewterz Threat Advisory – Multiple Adobe InDesign Vulnerabilities
January 17, 2023Rewterz Threat Advisory – CVE-2022-44510 – Adobe Experience Manager Vulnerability
January 17, 2023
Severity
High
Analysis Summary
CVE-2023-22602
Apache Shiro could allow a remote attacker to bypass security restrictions, caused by a flaw when Shiro and Spring Boot are using different pattern-matching techniques. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to bypass access restrictions.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-22602
Affected Vendors
Apache
Affected Products
- Apache Shiro 1.10.0
Remediation
Upgrade to the latest version of Apache Shiro, available from the Apache Web site.