module
Apache Shiro v1.2.4 Cookie RememberME Deserial RCE
| Disclosed |
|---|
| Jun 7, 2016 |
Disclosed
Jun 7, 2016
Description
This vulnerability allows remote attackers to execute arbitrary code on vulnerable
installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may
also be exploitable if the encryption key used by Shiro to encrypt rememberMe
cookies is known.
installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may
also be exploitable if the encryption key used by Shiro to encrypt rememberMe
cookies is known.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.