9.3 - cisco-sa-20180823-apache-struts

Executive Summary

Summary
Title	Apache Struts Remote Code Execution Vulnerability Affecting Cisco Products: August 2018

Informations
Name	cisco-sa-20180823-apache-struts	First vendor Publication	2018-08-23
Vendor	Cisco	Last vendor Modification	2018-08-23
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in Apache Struts could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerability exists because the affected software insufficiently validates user-supplied input, allowing the use of results with no namespace value and the use of url tags with no value or action. In cases where upper actions or configurations also have no namespace or a wildcard namespace, an attacker could exploit this vulnerability by sending a request that submits malicious input to the affected application for processing. If successful, the attacker could execute arbitrary code in the security context of the affected application on the targeted system.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180823-apache-struts ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180823-apache-struts"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJbfxJ3XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfcziRkP/3o19Og0bprpEvF6rv+jEpnQg8Pm ZuUn5U7T36sbfiyYsQaRpXvx2FUhLmsx2X6FsLEJHqPi+hyVeB9fkmxq2PKx1Rv3 1lPKnVpsNyHjms50sG1LdjxqzUghXy9Rd0uVypmoZea9fJOUiZ7eHEt8ELarDstu LRyw9nAnfqK/MPUZgRSnZFj7aJT/owvyuoX04sb6aby+XgGRJJfbXlJf0AaY7+98 d2iNN6vU3uvOvI+mljLYVDs0HcPLi1v6bKq9DkTP9n3xI9GtdExpK1qgaxaW3rGr PJSTYu2EizGFi1Y8TFgL6DN5+Cq3lQBZtBs/ULIRr81uG1ZxwqYKp+pj0VA68NIk Tn8pidlqrkPBCqVkWIvo7xUV5AohscRy04k4pcqGAQQvBJj/AsRv9HcgGnkJO2k6 8/EgSQ1fbcYHtbvRBC8Y63ezYuEv3L3FKcmcfM4VWAGThI7LUTPLyZRjpiJvEMFB lZ0faGxg9jLSiPj1pp4edd5CYj/diWsn47M5f9dSt9GaWo6UfGKhP9dg2v3zpsRl /rUjB4PttD1E6pD3KYelQmGjC77ASVoIfobTgeRp41oiQuCGCviJYH3lqnfizG22 BjpoS2safGUmwccUJ/Q/GOifjhF+rHkg9Oq+AJgs3zcEEdlJag5jiMu/1Zy8z0m +9qXWXUdLhAV2tKfR =0uld END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CPE : Common Platform Enumeration

Type	Description	Count
Application	Apache Struts cpe:2.3:a:apache:struts:2.5.9:::::::* cpe:2.3:a:apache:struts:2.5.8:::::::* cpe:2.3:a:apache:struts:2.5.7:::::::* cpe:2.3:a:apache:struts:2.5.6:::::::* cpe:2.3:a:apache:struts:2.5.5:::::::* cpe:2.3:a:apache:struts:2.5.4:::::::* cpe:2.3:a:apache:struts:2.5.3:::::::* cpe:2.3:a:apache:struts:2.5.2:::::::* cpe:2.3:a:apache:struts:2.5.12:::::::* cpe:2.3:a:apache:struts:2.5.11:::::::* cpe:2.3:a:apache:struts:2.5.10.1:::::::* cpe:2.3:a:apache:struts:2.5.10:::::::* cpe:2.3:a:apache:struts:2.5.1:::::::* cpe:2.3:a:apache:struts:2.5:beta1:::::: cpe:2.3:a:apache:struts:2.5:beta2:::::: cpe:2.3:a:apache:struts:2.5:beta3:::::: cpe:2.3:a:apache:struts:2.5:::::::* cpe:2.3:a:apache:struts:2.3.9:::::::* cpe:2.3:a:apache:struts:2.3.8:::::::* cpe:2.3:a:apache:struts:2.3.7:::::::* cpe:2.3:a:apache:struts:2.3.6:::::::* cpe:2.3:a:apache:struts:2.3.5:::::::* cpe:2.3:a:apache:struts:2.3.4.1:::::::* cpe:2.3:a:apache:struts:2.3.4:::::::* cpe:2.3:a:apache:struts:2.3.33:::::::* cpe:2.3:a:apache:struts:2.3.32:::::::* cpe:2.3:a:apache:struts:2.3.31:::::::* cpe:2.3:a:apache:struts:2.3.30:::::::* cpe:2.3:a:apache:struts:2.3.3:::::::* cpe:2.3:a:apache:struts:2.3.29:::::::* cpe:2.3:a:apache:struts:2.3.28.1:::::::* cpe:2.3:a:apache:struts:2.3.28:::::::* cpe:2.3:a:apache:struts:2.3.27:::::::* cpe:2.3:a:apache:struts:2.3.26:::::::* cpe:2.3:a:apache:struts:2.3.25:::::::* cpe:2.3:a:apache:struts:2.3.24.3:::::::* cpe:2.3:a:apache:struts:2.3.24.2:::::::* cpe:2.3:a:apache:struts:2.3.24.1:::::::* cpe:2.3:a:apache:struts:2.3.24:::::::* cpe:2.3:a:apache:struts:2.3.23:::::::* cpe:2.3:a:apache:struts:2.3.22:::::::* cpe:2.3:a:apache:struts:2.3.21:::::::* cpe:2.3:a:apache:struts:2.3.20.3:::::::* cpe:2.3:a:apache:struts:2.3.20.2:::::::* cpe:2.3:a:apache:struts:2.3.20.1:::::::* cpe:2.3:a:apache:struts:2.3.20:::::::* cpe:2.3:a:apache:struts:2.3.19:::::::* cpe:2.3:a:apache:struts:2.3.17:::::::* cpe:2.3:a:apache:struts:2.3.16.3:::::::* cpe:2.3:a:apache:struts:2.3.16.2:::::::* cpe:2.3:a:apache:struts:2.3.16.1:::::::* cpe:2.3:a:apache:struts:2.3.16:::::::* cpe:2.3:a:apache:struts:2.3.15.3:::::::* cpe:2.3:a:apache:struts:2.3.15.2:::::::* cpe:2.3:a:apache:struts:2.3.15.1:::::::* cpe:2.3:a:apache:struts:2.3.15:::::::* cpe:2.3:a:apache:struts:2.3.14.3:::::::* cpe:2.3:a:apache:struts:2.3.14.2:::::::* cpe:2.3:a:apache:struts:2.3.14.1:::::::* cpe:2.3:a:apache:struts:2.3.14:::::::* cpe:2.3:a:apache:struts:2.3.13:::::::* cpe:2.3:a:apache:struts:2.3.12:::::::* cpe:2.3:a:apache:struts:2.3.11:::::::* cpe:2.3:a:apache:struts:2.3.10:::::::* cpe:2.3:a:apache:struts:2.3.1.2:::::::* cpe:2.3:a:apache:struts:2.3.1.1:::::::* cpe:2.3:a:apache:struts:2.3.1:::::::* cpe:2.3:a:apache:struts:2.2.3.1:::::::* cpe:2.3:a:apache:struts:2.2.3:::::::* cpe:2.3:a:apache:struts:2.2.1.1:::::::* cpe:2.3:a:apache:struts:2.2.1:::::::* cpe:2.3:a:apache:struts:2.1.8.1:::::::* cpe:2.3:a:apache:struts:2.1.8:::::::* cpe:2.3:a:apache:struts:2.1.7:::::::* cpe:2.3:a:apache:struts:2.1.6:::::::* cpe:2.3:a:apache:struts:2.1.5:::::::* cpe:2.3:a:apache:struts:2.1.4:::::::* cpe:2.3:a:apache:struts:2.1.3:::::::* cpe:2.3:a:apache:struts:2.1.2_beta:::::::* cpe:2.3:a:apache:struts:2.1.2:::::::* cpe:2.3:a:apache:struts:2.1.1:::::::* cpe:2.3:a:apache:struts:2.1.0:::::::* cpe:2.3:a:apache:struts:2.1:::::::* cpe:2.3:a:apache:struts:2.0.9:::::::* cpe:2.3:a:apache:struts:2.0.8:::::::* cpe:2.3:a:apache:struts:2.0.7:::::::* cpe:2.3:a:apache:struts:2.0.6:::::::* cpe:2.3:a:apache:struts:2.0.5:::::::* cpe:2.3:a:apache:struts:2.0.4:::::::* cpe:2.3:a:apache:struts:2.0.3:::::::* cpe:2.3:a:apache:struts:2.0.2:::::::* cpe:2.3:a:apache:struts:2.0.14:::::::* cpe:2.3:a:apache:struts:2.0.13:::::::* cpe:2.3:a:apache:struts:2.0.12:::::::* cpe:2.3:a:apache:struts:2.0.11.2:::::::* cpe:2.3:a:apache:struts:2.0.11.1:::::::* cpe:2.3:a:apache:struts:2.0.11:::::::* cpe:2.3:a:apache:struts:2.0.10:::::::* cpe:2.3:a:apache:struts:2.0.1:::::::* cpe:2.3:a:apache:struts:2.0.0:::::::* cpe:2.3:a:apache:struts:1.3.9:::::::* cpe:2.3:a:apache:struts:1.3.8:::::::* cpe:2.3:a:apache:struts:1.3.7:::::::* cpe:2.3:a:apache:struts:1.3.6:::::::* cpe:2.3:a:apache:struts:1.3.5:::::::* cpe:2.3:a:apache:struts:1.3.10:::::::* cpe:2.3:a:apache:struts:1.2.9:::::::* cpe:2.3:a:apache:struts:1.2.8:::::::* cpe:2.3:a:apache:struts:1.2.7:::::::* cpe:2.3:a:apache:struts:1.2.6:::::::* cpe:2.3:a:apache:struts:1.2.5:::::::* cpe:2.3:a:apache:struts:1.2.4:::::::* cpe:2.3:a:apache:struts:1.2.3:::::::* cpe:2.3:a:apache:struts:1.2.2:::::::* cpe:2.3:a:apache:struts:1.2.1:::::::* cpe:2.3:a:apache:struts:1.2.0:::::::* cpe:2.3:a:apache:struts:1.1:::::::* cpe:2.3:a:apache:struts:1.1:rc2:::::: cpe:2.3:a:apache:struts:1.1:b2:::::: cpe:2.3:a:apache:struts:1.1:b1:::::: cpe:2.3:a:apache:struts:1.1:rc1:::::: cpe:2.3:a:apache:struts:1.1:b3:::::: cpe:2.3:a:apache:struts:1.0.2:::::::* cpe:2.3:a:apache:struts:1.0.1:::::::* cpe:2.3:a:apache:struts:1.0:::::::* cpe:2.3:a:apache:struts:1.0:beta1:::::: cpe:2.3:a:apache:struts:1.0:beta2:::::: cpe:2.3:a:apache:struts:1.0:beta3:::::: cpe:2.3:a:apache:struts::::::::	129
Application	Netapp Active Iq Unified Manager cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::* cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*	2
Application	Netapp Oncommand Insight cpe:2.3:a:netapp:oncommand_insight:-:::::::*	1
Application	Netapp Oncommand Workflow Automation cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*	1
Application	Netapp Snapcenter cpe:2.3:a:netapp:snapcenter:-:::::::*	1
Application	Oracle Communications Policy Management cpe:2.3:a:oracle:communications_policy_management:12.4.1:::::::* cpe:2.3:a:oracle:communications_policy_management:12.4.0:::::::* cpe:2.3:a:oracle:communications_policy_management:12.3.1:::::::* cpe:2.3:a:oracle:communications_policy_management:12.3:::::::* cpe:2.3:a:oracle:communications_policy_management:12.1.1:::::::* cpe:2.3:a:oracle:communications_policy_management:12.0:::::::* cpe:2.3:a:oracle:communications_policy_management:11.5:::::::* cpe:2.3:a:oracle:communications_policy_management:10.4.1:::::::* cpe:2.3:a:oracle:communications_policy_management:9.9.1:::::::* cpe:2.3:a:oracle:communications_policy_management:9.7.3:::::::* cpe:2.3:a:oracle:communications_policy_management::::::::	11
Application	Oracle Enterprise Manager Base Platform cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:::::::* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:::::::*	2
Application	Oracle Mysql Enterprise Monitor cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2.4181:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.1:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.0:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4.3247:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.3:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.2:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.1:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.0:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8.2223:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.7:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.6:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.5:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.4:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.3:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.2:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.1:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.0:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.2:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.25:::::::* cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::	23

SAINT Exploits

Description	Link
Apache Struts undefined namespace vulnerability	More info here

Snort® IPS/IDS

Date	Description
2018-10-09	Apache Struts ognl remote code execution attempt RuleID : 47691 - Revision : 1 - Type : SERVER-APACHE
2018-10-09	Apache Struts java.lang.ProcessBuilder class access attempt RuleID : 47690 - Revision : 2 - Type : SERVER-APACHE
2018-10-09	Apache Struts java.net.Socket class access attempt RuleID : 47689 - Revision : 1 - Type : SERVER-APACHE
2018-09-27	Apache Struts remote code execution attempt RuleID : 47649 - Revision : 1 - Type : SERVER-WEBAPP
2018-09-25	Apache Struts OGNL getRuntime.exec static method access attempt RuleID : 47634 - Revision : 1 - Type : SERVER-APACHE
2016-07-13	Apache Struts remote code execution attempt RuleID : 39191 - Revision : 3 - Type : SERVER-APACHE
2016-07-13	Apache Struts remote code execution attempt RuleID : 39190 - Revision : 3 - Type : SERVER-APACHE
2014-03-13	Apache Struts wildcard matching OGNL remote code execution attempt RuleID : 29639 - Revision : 4 - Type : SERVER-APACHE

Nessus® Vulnerability Scanner

Date	Description
2018-09-05	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20180823-apache-struts-cups.nasl - Type : ACT_GATHER_INFO
2018-09-05	Name : The remote device is affected by an information disclosure vulnerability. File : cisco-sa-20180823-apache-struts-ucm.nasl - Type : ACT_GATHER_INFO
2018-08-31	Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20180823-apache-struts-ise.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2018-11-01 21:22:19	Multiple Updates
2018-08-24 00:19:12	First insertion

Global Informations

Type	Count
CPE ID(s)	170
Saint Exploit(s)	1
Snort® Rule(s)	8
Nessus® Exploit(s)	3

	Related
8.1	CVE-2018-11776
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

9.3 - cisco-sa-20180823-apache-struts

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

SAINT Exploits

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU