CVE-2017-9805

Опубликовано: 15 сент. 2017

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Критический

Описание

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

Ссылки

http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
Patch
Third Party Advisory
http://www.securityfocus.com/bid/100609
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039263
Broken Link
Third Party Advisory
VDB Entry
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1488482
Issue Tracking
Third Party Advisory
VDB Entry
https://cwiki.apache.org/confluence/display/WW/S2-052
Mitigation
Vendor Advisory
https://lgtm.com/blog/apache_struts_CVE-2017-9805
Broken Link
https://security.netapp.com/advisory/ntap-20170907-0001/
Third Party Advisory
https://struts.apache.org/docs/s2-052.html
Mitigation
Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2
Third Party Advisory
https://www.exploit-db.com/exploits/42627/
Exploit
Third Party Advisory
VDB Entry
https://www.kb.cert.org/vuls/id/112992
Third Party Advisory
US Government Resource
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
Patch
Third Party Advisory
http://www.securityfocus.com/bid/100609
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039263
Broken Link
Third Party Advisory
VDB Entry
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1488482
Issue Tracking
Third Party Advisory
VDB Entry
https://cwiki.apache.org/confluence/display/WW/S2-052
Mitigation
Vendor Advisory
https://lgtm.com/blog/apache_struts_CVE-2017-9805
Broken Link
https://security.netapp.com/advisory/ntap-20170907-0001/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*

Версия от 2.1.2 (включая) до 2.3.34 (исключая)

cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*

Версия от 2.5.0 (включая) до 2.5.13 (исключая)

Конфигурация 2

Одно из

cpe:2.3:a:cisco:digital_media_manager:-:*:*:*:*:*:*:*

cpe:2.3:a:cisco:hosted_collaboration_solution:10.5\(1\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:hosted_collaboration_solution:11.0\(1\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:hosted_collaboration_solution:11.5\(1\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:hosted_collaboration_solution:11.6\(1\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:media_experience_engine:3.5:*:*:*:*:*:*:*

cpe:2.3:a:cisco:media_experience_engine:3.5.2:*:*:*:*:*:*:*

cpe:2.3:a:cisco:network_performance_analysis:-:*:*:*:*:*:*:*

cpe:2.3:a:cisco:video_distribution_suite_for_internet_streaming:-:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*

EPSS

Процентиль: 100%

0.94322

Критический

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-502

Связанные уязвимости

CVE-2017-9805

CVSS3: 8.1

ubuntu

больше 8 лет назад

CVE-2017-9805

CVSS3: 8.1

redhat

больше 8 лет назад

CVE-2017-9805

CVSS3: 8.1

debian

больше 8 лет назад

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and ...

GHSA-gg9m-fj3v-r58c

CVSS3: 8.1

github

больше 7 лет назад

REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering

BDU:2017-02058

fstec

больше 8 лет назад

Уязвимость плагина REST программной платформы Apache Struts, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 100%

0.94322

Критический

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-502