Executive Summary
Summary | |
---|---|
Title | Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017 |
Informations | |||
---|---|---|---|
Name | cisco-sa-20170907-struts2 | First vendor Publication | 2017-09-07 |
Vendor | Cisco | Last vendor Modification | 2017-09-07 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
On September 5, 2017, the Apache Software Foundation released security bulletins that disclose three vulnerabilities in the Apache Struts 2 package. Of these vulnerabilities, the Apache Software Foundation classifies one as Critical Severity, one as Medium Severity, and one as Low Severity. For more information about the vulnerabilities, refer to the Details ["#details"] section of this advisory. Multiple Cisco products incorporate a version of the Apache Struts 2 package that is affected by these vulnerabilities. This advisory will be updated as additional information becomes available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2"] BEGIN PGP SIGNATURE iQKBBAEBAgBrBQJZsbsrZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHkl6RAAkS5YpcqIQcXb87LH IraKAiu9NB8T7TPzq55QR97iIvGFjWzjOgVXpckl5+Zosy2URhzyhIA+bx6CwNVB sMXuC/4sdvnTVNuSa9XnuEH103t2OBgEArxLMltTjUlgr5a/WFa2prFCzF/EjXu4 ZtJWEEelHahIx5DLC7vZM1fFm/GSysSfTNvvtEkhdITHW3BCprHfQI7M+Ak7RQKj 8jwTv4LAkAzXk6AG7f0oR8fPFyPLI5H93B35ynZgVeEWkJ1SUJ8gKnrzyg2644Qa UU2sajTyE8Q55YtXY9O0sdA6IpxMuemOvdifEFY5nNyI2p0QBPHyqlsDdSLj1WW9 DljRYJWtbJ7Co6yYMCLDZloGR+h1+00Wt7X/KMgdYzIZ5AS0uFa22V75u35b186y e+9pg55zpGfORGhf6OnJ0NDo2oCk0P3XyMtYp0tY71gwHHVnqeNK88vWSQWGF6xG EgwHm8XFaRZYfVlRGpU5iWUf3Iu2ppCX24WO4ocvzVHym3dNpHT3gMgV7T01vQQo zZUm1pPTFspF4+Jx4Ig+S2J9QbgcS+vMaxTjmDBdzw4dzMdgLkEHPf2irscMmS6f vw8p7OzWTwBlBI6FBBgZaBX9QESwnF/cvGzJhj6tFr6htWPr7SQTJz5HuceI5bkP 8L4HlilxQSZU7JzSkywBEnYI9K4= =NNqc END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-20 | Improper Input Validation |
33 % | CWE-502 | Deserialization of Untrusted Data |
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Apache Struts REST plugin XStream deserialization vulnerability | More info here |
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-17 | XStream void primitive denial of service attempt RuleID : 51020 - Revision : 1 - Type : SERVER-WEBAPP |
2017-10-19 | XStream void primitive denial of service attempt RuleID : 44373 - Revision : 4 - Type : SERVER-WEBAPP |
2017-10-10 | Java XML deserialization remote code execution attempt RuleID : 44315 - Revision : 3 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-09-28 | Name : A web application running on the remote host is affected by a denial of servi... File : mysql_enterprise_monitor_3_4_3_4225.nasl - Type : ACT_GATHER_INFO |
2017-09-06 | Name : The remote web server contains a web application that uses a Java framework t... File : struts_2_5_13_rest_rce.nasl - Type : ACT_ATTACK |
2017-09-05 | Name : A web application running on the remote host uses a Java framework that is af... File : struts_2_5_13.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-09-29 17:25:21 |
|
2017-09-22 09:26:00 |
|
2017-09-08 00:22:35 |
|