Executive Summary

Title: Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017

Name: cisco-sa-20170907-struts2
Vendor: Cisco
Severity (Vendor): N/A
First vendor publication: 2017-09-07
Last vendor modification: 2017-09-07
Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS Score: N/A
Base Score: N/A
Environmental Score: N/A
Impact Sub Score: N/A
Temporal Score: N/A
Exploitability Sub Score: N/A

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Base Score: 6.8
CVSS Impact Score: 6.4
CVSS Exploit Score: 8.6
Attack Range: Network
Attack Complexity: Medium
Authentication: None Required

Detail

On September 5, 2017, the Apache Software Foundation released security bulletins that disclose three vulnerabilities in the Apache Struts 2 package. Of these vulnerabilities, the Apache Software Foundation classifies one as Critical Severity, one as Medium Severity, and one as Low Severity. For more information about the vulnerabilities, refer to the Details section of this advisory.

Multiple Cisco products incorporate a version of the Apache Struts 2 package that is affected by these vulnerabilities.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2


Distributed via the Cisco cust-security-announce mailing list (cust-security-announce@cisco.com).

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

Share   Id        Name
67 %    CWE-20    Improper Input Validation
33 %    CWE-502   Deserialization of Untrusted Data

CPE : Common Platform Enumeration

Type          Count
Application   76

SAINT Exploits

Description
Apache Struts REST plugin XStream deserialization vulnerability

Snort® IPS/IDS

Date         Description
2019-09-17   XStream void primitive denial of service attempt
             RuleID: 51020 - Revision: 1 - Type: SERVER-WEBAPP
2017-10-19   XStream void primitive denial of service attempt
             RuleID: 44373 - Revision: 4 - Type: SERVER-WEBAPP
2017-10-10   Java XML deserialization remote code execution attempt
             RuleID: 44315 - Revision: 3 - Type: SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date         Description
2017-09-28   Name: A web application running on the remote host is affected by a denial of servi...
             File: mysql_enterprise_monitor_3_4_3_4225.nasl - Type: ACT_GATHER_INFO
2017-09-06   Name: The remote web server contains a web application that uses a Java framework t...
             File: struts_2_5_13_rest_rce.nasl - Type: ACT_ATTACK
2017-09-05   Name: A web application running on the remote host uses a Java framework that is af...
             File: struts_2_5_13.nasl - Type: ACT_GATHER_INFO

Alert History

Date                  Information
2017-09-29 17:25:21   • Multiple Updates
2017-09-22 09:26:00   • Multiple Updates
2017-09-08 00:22:35   • First insertion