CVE-2020-17523

Name of the Vulnerable Software and Affected Versions: Apache Shiro versions prior to 1.7.1

Description: The issue is related to authentication weaknesses in the Apache Shiro framework. It may allow a remote attacker to bypass authentication, potentially leading to privilege escalation. A specially crafted HTTP request can cause an authentication bypass when Apache Shiro is used with Spring.

Recommendations: For Apache Shiro versions prior to 1.7.1, update to version 1.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.