Executive Summary
Summary | |
---|---|
Title | Apache Struts 2 framework REST plugin insecurely deserializes untrusted XML data |
Informations | |||
---|---|---|---|
Name | VU#112992 | First vendor Publication | 2017-09-06 |
Vendor | VU-CERT | Last vendor Modification | 2017-09-06 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#112992Apache Struts 2 framework REST plugin insecurely deserializes untrusted XML dataOverviewApache Struts 2 framework, versions 2.5 to 2.5.12, with REST plugin insecurely deserializes untrusted XML data. A remote, unauthenticated attacker can leverage this vulnerability to execute arbitrary code in the context of the Struts application. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditMan Yue Mo of lgtm is credited with reporting this vulnerability to the vendor. This document was written by Joel Land. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/112992 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-502 | Deserialization of Untrusted Data |
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Apache Struts REST plugin XStream deserialization vulnerability | More info here |
Snort® IPS/IDS
Date | Description |
---|---|
2017-10-10 | Java XML deserialization remote code execution attempt RuleID : 44315 - Revision : 3 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-09-28 | Name : A web application running on the remote host is affected by a denial of servi... File : mysql_enterprise_monitor_3_4_3_4225.nasl - Type : ACT_GATHER_INFO |
2017-09-06 | Name : The remote web server contains a web application that uses a Java framework t... File : struts_2_5_13_rest_rce.nasl - Type : ACT_ATTACK |
2017-09-05 | Name : A web application running on the remote host uses a Java framework that is af... File : struts_2_5_13.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-10-31 09:23:50 |
|
2017-09-06 17:22:32 |
|