THREAT OPS › CVEs › CVE-2016-4437
CVE-2016-4437 — Apache Shiro Code Execution Vulnerability
Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature.
Vulnerability details
- Affected productsShiro
- KEV remediation due2022-05-03
Related reporting
- June 2026 CVE Landscaperecordedfuture