SERVER-APACHE Apache Struts remote code execution attempt
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
CVSS base score 10.0 CVSS impact score 6.0 CVSS exploitability score 3.9 confidentialityImpact HIGH integrityImpact HIGH availabilityImpact HIGH
CVE-2017-5638:
CVSS base score 10.0
CVSS impact score 6.0
CVSS exploitability score 3.9
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH
CVE-2017-9791:
CVSS base score 9.8
CVSS impact score 5.9
CVSS exploitability score 3.9
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH
CVE-2017-5638: The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
CVE-2017-9791: The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
CVE-2017-5638:
Access Vector
Access Complexity
Authentication
CVE-2017-9791:
Access Vector
Access Complexity
Authentication
None known
None known
©2020 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
Privacy Policy | Snort License | FAQ | Sitemap
