#VU78805 Path traversal in Apache Shiro - CVE-2023-34478


Vulnerability identifier: #VU78805

Vulnerability risk: High

CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-34478

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Apache Shiro
Universal components / Libraries / Software for developers

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to bypass authentication.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and bypass authentication process, when used together with APIs or other web frameworks that route requests based on non-normalized requests.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Apache Shiro: 1.0.0 - 1.11.0

External links
https://lists.apache.org/thread/mbv26onkgw9o35rldh7vmq11wpv2t2qk
https://www.openwall.com/lists/oss-security/2023/07/24/4

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


IBM Global High Availability Mailbox update for Apache Shiro
Multiple vulnerabilities in Dell PowerStoreT OS
Multiple vulnerabilities in Dell PowerStore Family
Multiple vulnerabilities in Cloudera Data Platform Private Cloud Base with IBM (CDP)
Multiple vulnerabilities in IBM WebSphere Service Registry and Repository
Multiple vulnerabilities in IBM Cognos Dashboards on Cloud Pak for Data
Oxygen XML Web Author update for Apache Shiro
Oxygen Content Fusion update for Apache Shiro
Path traversal in Apache Shiro