Vulnerability identifier: #VU45757

Vulnerability risk: Medium

CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-13933

CWE-ID: CWE-287

Exploitation vector: Network

Exploits in database: 4

• May 4, 2023
  • CVE-2020-13933 (CVE-2020-13933 靶场： shiro 认证绕过漏洞) [Github]
• November 6, 2020
  • cve-2020-13933 (cve-2020-13933 apache shiro权限绕过漏洞) [Github]
• September 23, 2020
  • cve-2020-13933 (cve-2020-13933 apache shiro权限绕过漏洞) [Github]
• September 11, 2020
  • CVE-2020-13933 (CVE-2020-13933 靶场： shiro 认证绕过漏洞) [Github]

Impact: Information disclosure and data manipulation

Vulnerable software:
Apache Shiro
Universal components / Libraries / Software for developers

Vendor: Apache Foundation