Vulnerability-Lookup

CVE-2017-5638 (GCVE-0-2017-5638)

Vulnerability from cvelistv5 – Published: 2017-03-11 02:11 – Updated: 2025-10-21 23:55

Summary

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

apache

References

URL

Tags

	https://nmap.org/nsedoc/scripts/http-vuln-cve2017…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	https://arstechnica.com/security/2017/03/critical…	x_refsource_MISC
	https://exploit-db.com/exploits/41570	exploitx_refsource_EXPLOIT-DB
	https://security.netapp.com/advisory/ntap-2017031…	x_refsource_CONFIRM
	https://github.com/rapid7/metasploit-framework/is…	x_refsource_MISC
	https://struts.apache.org/docs/s2-046.html	x_refsource_CONFIRM
	http://blog.talosintelligence.com/2017/03/apache-…	x_refsource_MISC
	https://www.imperva.com/blog/2017/03/cve-2017-563…	x_refsource_MISC
	https://h20566.www2.hpe.com/hpsc/doc/public/displ…	x_refsource_CONFIRM
	https://www.kb.cert.org/vuls/id/834067	third-party-advisoryx_refsource_CERT-VN
	https://isc.sans.edu/diary/22169	x_refsource_MISC
	https://struts.apache.org/docs/s2-045.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037973	vdb-entryx_refsource_SECTRACK
	http://www.eweek.com/security/apache-struts-vulne…	x_refsource_MISC
	http://www.securityfocus.com/bid/96729	vdb-entryx_refsource_BID
	https://twitter.com/theog150/status/841146956135124993	x_refsource_MISC
	https://github.com/mazen160/struts-pwn	x_refsource_MISC
	https://packetstormsecurity.com/files/141494/S2-4…	x_refsource_MISC
	https://www.symantec.com/security-center/network-…	x_refsource_CONFIRM
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://git1-us-west.apache.org/repos/asf?p=strut…	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/hpsc/doc/public/displ…	x_refsource_CONFIRM
	https://git1-us-west.apache.org/repos/asf?p=strut…	x_refsource_CONFIRM
	https://cwiki.apache.org/confluence/display/WW/S2-045	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/41614/	exploitx_refsource_EXPLOIT-DB
	https://cwiki.apache.org/confluence/display/WW/S2-046	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/hpsc/doc/public/displ…	x_refsource_CONFIRM
	http://blog.trendmicro.com/trendlabs-security-int…	x_refsource_MISC
	https://lists.apache.org/thread.html/r6d03e45b81e…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r90890afea72…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r1125f3044a0…	mailing-listx_refsource_MLIST

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Struts	Affected: 2.3.x before 2.3.32 Affected: 2.5.x before 2.5.10.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:15.370Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
          },
          {
            "name": "41570",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://exploit-db.com/exploits/41570"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://struts.apache.org/docs/s2-046.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
          },
          {
            "name": "VU#834067",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/834067"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://isc.sans.edu/diary/22169"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://struts.apache.org/docs/s2-045.html"
          },
          {
            "name": "1037973",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037973"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
          },
          {
            "name": "96729",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96729"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://twitter.com/theog150/status/841146956135124993"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/mazen160/struts-pwn"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/len-14200"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
          },
          {
            "name": "41614",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41614/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
          },
          {
            "name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
          },
          {
            "name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
          },
          {
            "name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-5638",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-06T21:06:33.860690Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-755",
                "description": "CWE-755 Improper Handling of Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:46.106Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00.000Z",
            "value": "CVE-2017-5638 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Struts",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "2.3.x before 2.3.32"
            },
            {
              "status": "affected",
              "version": "2.5.x before 2.5.10.1"
            }
          ]
        }
      ],
      "datePublic": "2017-03-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-24T03:06:34.000Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
        },
        {
          "name": "41570",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://exploit-db.com/exploits/41570"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://struts.apache.org/docs/s2-046.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
        },
        {
          "name": "VU#834067",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/834067"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://isc.sans.edu/diary/22169"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://struts.apache.org/docs/s2-045.html"
        },
        {
          "name": "1037973",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037973"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
        },
        {
          "name": "96729",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96729"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://twitter.com/theog150/status/841146956135124993"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mazen160/struts-pwn"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/len-14200"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
        },
        {
          "name": "41614",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41614/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
        },
        {
          "name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
        },
        {
          "name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
        },
        {
          "name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2017-5638",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Struts",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2.3.x before 2.3.32"
                          },
                          {
                            "version_value": "2.5.x before 2.5.10.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html",
              "refsource": "MISC",
              "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
            },
            {
              "name": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/",
              "refsource": "MISC",
              "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
            },
            {
              "name": "41570",
              "refsource": "EXPLOIT-DB",
              "url": "https://exploit-db.com/exploits/41570"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20170310-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
            },
            {
              "name": "https://github.com/rapid7/metasploit-framework/issues/8064",
              "refsource": "MISC",
              "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
            },
            {
              "name": "https://struts.apache.org/docs/s2-046.html",
              "refsource": "CONFIRM",
              "url": "https://struts.apache.org/docs/s2-046.html"
            },
            {
              "name": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html",
              "refsource": "MISC",
              "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
            },
            {
              "name": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/",
              "refsource": "MISC",
              "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
            },
            {
              "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
            },
            {
              "name": "VU#834067",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/834067"
            },
            {
              "name": "https://isc.sans.edu/diary/22169",
              "refsource": "MISC",
              "url": "https://isc.sans.edu/diary/22169"
            },
            {
              "name": "https://struts.apache.org/docs/s2-045.html",
              "refsource": "CONFIRM",
              "url": "https://struts.apache.org/docs/s2-045.html"
            },
            {
              "name": "1037973",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037973"
            },
            {
              "name": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html",
              "refsource": "MISC",
              "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
            },
            {
              "name": "96729",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96729"
            },
            {
              "name": "https://twitter.com/theog150/status/841146956135124993",
              "refsource": "MISC",
              "url": "https://twitter.com/theog150/status/841146956135124993"
            },
            {
              "name": "https://github.com/mazen160/struts-pwn",
              "refsource": "MISC",
              "url": "https://github.com/mazen160/struts-pwn"
            },
            {
              "name": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
            },
            {
              "name": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145",
              "refsource": "CONFIRM",
              "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/len-14200",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/len-14200"
            },
            {
              "name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a",
              "refsource": "CONFIRM",
              "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"
            },
            {
              "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
            },
            {
              "name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228",
              "refsource": "CONFIRM",
              "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"
            },
            {
              "name": "https://cwiki.apache.org/confluence/display/WW/S2-045",
              "refsource": "CONFIRM",
              "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
            },
            {
              "name": "41614",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41614/"
            },
            {
              "name": "https://cwiki.apache.org/confluence/display/WW/S2-046",
              "refsource": "CONFIRM",
              "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
            },
            {
              "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/",
              "refsource": "MISC",
              "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
            },
            {
              "name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
            },
            {
              "name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
            },
            {
              "name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2017-5638",
    "datePublished": "2017-03-11T02:11:00.000Z",
    "dateReserved": "2017-01-29T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:46.106Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2017-5638",
      "cwes": "[\"CWE-20\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2017-5638",
      "product": "Struts",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.",
      "vendorProject": "Apache",
      "vulnerabilityName": "Apache Struts Remote Code Execution Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://exploit-db.com/exploits/41570\", \"name\": \"41570\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170310-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/rapid7/metasploit-framework/issues/8064\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://struts.apache.org/docs/s2-046.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/834067\", \"name\": \"VU#834067\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}, {\"url\": \"https://isc.sans.edu/diary/22169\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://struts.apache.org/docs/s2-045.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1037973\", \"name\": \"1037973\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/96729\", \"name\": \"96729\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://twitter.com/theog150/status/841146956135124993\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/mazen160/struts-pwn\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.symantec.com/security-center/network-protection-security-advisories/SA145\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.lenovo.com/us/en/product_security/len-14200\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cwiki.apache.org/confluence/display/WW/S2-045\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41614/\", \"name\": \"41614\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://cwiki.apache.org/confluence/display/WW/S2-046\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20200131 Apache Software Foundation Security Report: 2019\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20210125 Apache Software Foundation Security Report: 2020\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20210223 Re: Apache Software Foundation Security Report: 2020\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T15:04:15.370Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-5638\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-06T21:06:33.860690Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-03T00:00:00.000Z\", \"value\": \"CVE-2017-5638 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-755\", \"description\": \"CWE-755 Improper Handling of Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-06T21:06:37.213Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Struts\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.3.x before 2.3.32\"}, {\"status\": \"affected\", \"version\": \"2.5.x before 2.5.10.1\"}]}], \"datePublic\": \"2017-03-06T00:00:00.000Z\", \"references\": [{\"url\": \"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://exploit-db.com/exploits/41570\", \"name\": \"41570\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170310-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/rapid7/metasploit-framework/issues/8064\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://struts.apache.org/docs/s2-046.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.kb.cert.org/vuls/id/834067\", \"name\": \"VU#834067\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}, {\"url\": \"https://isc.sans.edu/diary/22169\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://struts.apache.org/docs/s2-045.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1037973\", \"name\": \"1037973\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securityfocus.com/bid/96729\", \"name\": \"96729\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://twitter.com/theog150/status/841146956135124993\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/mazen160/struts-pwn\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.symantec.com/security-center/network-protection-security-advisories/SA145\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.lenovo.com/us/en/product_security/len-14200\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cwiki.apache.org/confluence/display/WW/S2-045\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.exploit-db.com/exploits/41614/\", \"name\": \"41614\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"https://cwiki.apache.org/confluence/display/WW/S2-046\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20200131 Apache Software Foundation Security Report: 2019\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20210125 Apache Software Foundation Security Report: 2020\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20210223 Re: Apache Software Foundation Security Report: 2020\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2021-02-24T03:06:34.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"2.3.x before 2.3.32\"}, {\"version_value\": \"2.5.x before 2.5.10.1\"}]}, \"product_name\": \"Apache Struts\"}]}, \"vendor_name\": \"Apache Software Foundation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html\", \"name\": \"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt\", \"name\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/\", \"name\": \"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/\", \"refsource\": \"MISC\"}, {\"url\": \"https://exploit-db.com/exploits/41570\", \"name\": \"41570\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170310-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20170310-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/rapid7/metasploit-framework/issues/8064\", \"name\": \"https://github.com/rapid7/metasploit-framework/issues/8064\", \"refsource\": \"MISC\"}, {\"url\": \"https://struts.apache.org/docs/s2-046.html\", \"name\": \"https://struts.apache.org/docs/s2-046.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html\", \"name\": \"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/\", \"name\": \"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/\", \"refsource\": \"MISC\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us\", \"name\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/834067\", \"name\": \"VU#834067\", \"refsource\": \"CERT-VN\"}, {\"url\": \"https://isc.sans.edu/diary/22169\", \"name\": \"https://isc.sans.edu/diary/22169\", \"refsource\": \"MISC\"}, {\"url\": \"https://struts.apache.org/docs/s2-045.html\", \"name\": \"https://struts.apache.org/docs/s2-045.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1037973\", \"name\": \"1037973\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html\", \"name\": \"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.securityfocus.com/bid/96729\", \"name\": \"96729\", \"refsource\": \"BID\"}, {\"url\": \"https://twitter.com/theog150/status/841146956135124993\", \"name\": \"https://twitter.com/theog150/status/841146956135124993\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/mazen160/struts-pwn\", \"name\": \"https://github.com/mazen160/struts-pwn\", \"refsource\": \"MISC\"}, {\"url\": \"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt\", \"name\": \"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.symantec.com/security-center/network-protection-security-advisories/SA145\", \"name\": \"https://www.symantec.com/security-center/network-protection-security-advisories/SA145\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.lenovo.com/us/en/product_security/len-14200\", \"name\": \"https://support.lenovo.com/us/en/product_security/len-14200\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a\", \"name\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us\", \"name\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228\", \"name\": \"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cwiki.apache.org/confluence/display/WW/S2-045\", \"name\": \"https://cwiki.apache.org/confluence/display/WW/S2-045\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.exploit-db.com/exploits/41614/\", \"name\": \"41614\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://cwiki.apache.org/confluence/display/WW/S2-046\", \"name\": \"https://cwiki.apache.org/confluence/display/WW/S2-046\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us\", \"name\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/\", \"name\": \"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/\", \"refsource\": \"MISC\"}, {\"url\": \"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20200131 Apache Software Foundation Security Report: 2019\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20210125 Apache Software Foundation Security Report: 2020\", \"refsource\": \"MLIST\"}, {\"url\": \"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E\", \"name\": \"[announce] 20210223 Re: Apache Software Foundation Security Report: 2020\", \"refsource\": \"MLIST\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-5638\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@apache.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2017-5638\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:46.106Z\", \"dateReserved\": \"2017-01-29T00:00:00.000Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2017-03-11T02:11:00.000Z\", \"assignerShortName\": \"apache\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2017-5638

Vulnerability from fkie_nvd - Published: 2017-03-11 02:59 - Updated: 2025-10-22 00:16

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@apache.org	http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html	Exploit, Third Party Advisory
security@apache.org	http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/	Exploit, Third Party Advisory
security@apache.org	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt	Third Party Advisory
security@apache.org	http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html	Press/Media Coverage, Third Party Advisory
security@apache.org	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	Patch, Third Party Advisory
security@apache.org	http://www.securityfocus.com/bid/96729	Broken Link, Third Party Advisory, VDB Entry
security@apache.org	http://www.securitytracker.com/id/1037973	Broken Link, Third Party Advisory, VDB Entry
security@apache.org	https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/	Exploit, Press/Media Coverage
security@apache.org	https://cwiki.apache.org/confluence/display/WW/S2-045	Mitigation, Vendor Advisory
security@apache.org	https://cwiki.apache.org/confluence/display/WW/S2-046	Mitigation, Vendor Advisory
security@apache.org	https://exploit-db.com/exploits/41570	Exploit, Third Party Advisory, VDB Entry
security@apache.org	https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a	Broken Link
security@apache.org	https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228	Broken Link
security@apache.org	https://github.com/mazen160/struts-pwn	Exploit
security@apache.org	https://github.com/rapid7/metasploit-framework/issues/8064	Exploit, Issue Tracking
security@apache.org	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us	Broken Link
security@apache.org	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us	Third Party Advisory
security@apache.org	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us	Third Party Advisory
security@apache.org	https://isc.sans.edu/diary/22169	Exploit, Third Party Advisory
security@apache.org	https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E	Mailing List
security@apache.org	https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E	Mailing List
security@apache.org	https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E	Mailing List
security@apache.org	https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html	Exploit, Third Party Advisory
security@apache.org	https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt	Exploit, Third Party Advisory, VDB Entry
security@apache.org	https://security.netapp.com/advisory/ntap-20170310-0001/	Third Party Advisory
security@apache.org	https://struts.apache.org/docs/s2-045.html	Mitigation, Vendor Advisory
security@apache.org	https://struts.apache.org/docs/s2-046.html	Mitigation, Vendor Advisory
security@apache.org	https://support.lenovo.com/us/en/product_security/len-14200	Third Party Advisory
security@apache.org	https://twitter.com/theog150/status/841146956135124993	Broken Link, Third Party Advisory
security@apache.org	https://www.exploit-db.com/exploits/41614/	Exploit, Third Party Advisory, VDB Entry
security@apache.org	https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/	Third Party Advisory
security@apache.org	https://www.kb.cert.org/vuls/id/834067	Third Party Advisory, US Government Resource
security@apache.org	https://www.symantec.com/security-center/network-protection-security-advisories/SA145	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html	Press/Media Coverage, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96729	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037973	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/	Exploit, Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://cwiki.apache.org/confluence/display/WW/S2-045	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cwiki.apache.org/confluence/display/WW/S2-046	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exploit-db.com/exploits/41570	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://github.com/mazen160/struts-pwn	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://github.com/rapid7/metasploit-framework/issues/8064	Exploit, Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://isc.sans.edu/diary/22169	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20170310-0001/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://struts.apache.org/docs/s2-045.html	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://struts.apache.org/docs/s2-046.html	Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/us/en/product_security/len-14200	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/theog150/status/841146956135124993	Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/41614/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/834067	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.symantec.com/security-center/network-protection-security-advisories/SA145	Broken Link
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638

Impacted products

Vendor	Product	Version
apache	struts	*
apache	struts	*
ibm	storwize_v3500_firmware	7.7.1.6
ibm	storwize_v3500_firmware	7.8.1.0
ibm	storwize_v3500	-
ibm	storwize_v5000_firmware	7.7.1.6
ibm	storwize_v5000_firmware	7.8.1.0
ibm	storwize_v5000	-
ibm	storwize_v7000_firmware	7.7.1.6
ibm	storwize_v7000_firmware	7.8.1.0
ibm	storwize_v7000	-
lenovo	storage_v5030_firmware	7.7.1.6
lenovo	storage_v5030_firmware	7.8.1.0
lenovo	storage_v5030	-
hp	server_automation	9.1.0
hp	server_automation	10.0.0
hp	server_automation	10.1.0
hp	server_automation	10.2.0
hp	server_automation	10.5.0
oracle	weblogic_server	10.3.6.0.0
oracle	weblogic_server	12.1.3.0.0
oracle	weblogic_server	12.2.1.1.0
oracle	weblogic_server	12.2.1.2.0
arubanetworks	clearpass_policy_manager	*
netapp	oncommand_balance	-

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Apache Struts Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D3EE72-E37F-4F4C-996D-50E144CF43DD",
              "versionEndExcluding": "2.3.32",
              "versionStartIncluding": "2.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2F63D06-B26A-4DB6-8B07-B847554ABCA8",
              "versionEndExcluding": "2.5.10.1",
              "versionStartIncluding": "2.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:7.7.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB119E1-7736-4C99-AD9C-9E8820769D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v3500_firmware:7.8.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A0C06E-B833-4A52-B1F0-FEC9BEF372A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7352FACE-C8D0-49A7-A2D7-B755599F0FB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:7.7.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F445D22E-8976-4ADC-81FD-49B351B2802A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v5000_firmware:7.8.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9E6724-8796-4DD5-9CE2-8E602DA893F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B69C8D-32A4-449F-9BFC-F1587C7FA8BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:7.7.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D7A801-1861-4479-9367-60F792BF8016",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:storwize_v7000_firmware:7.8.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF96E49-9530-4718-B5A9-7366D10CC890",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2ED020-4C7B-4303-ABE6-74D46D127556",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:lenovo:storage_v5030_firmware:7.7.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "371CD28E-6187-4EB1-8B73-645F7A6BFFD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:lenovo:storage_v5030_firmware:7.8.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA0AFFAA-F7AE-416C-A40D-24F972EE18BD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:lenovo:storage_v5030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2A4179B-51C5-486B-8CFF-D49436D60910",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:hp:server_automation:9.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "112DFE68-A609-4B76-8227-4DE9CAC25F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:server_automation:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "951C042F-9C83-4DBB-8070-A926A1B46591",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:server_automation:10.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC9404A4-6B73-436E-A8FB-914530D6000A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:server_automation:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "32AFBE84-5394-49A1-844A-ED964A46ACF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:hp:server_automation:10.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38ABFD4F-8E97-4418-A921-BF9F4D95A4A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29F4C533-DE42-463B-9D80-5D4C85BF1A5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A1728D5-E03B-49A0-849C-B722197AF054",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D1193B0-59C9-4AC0-BBA0-CED6FCC91883",
              "versionEndExcluding": "6.6.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
    },
    {
      "lang": "es",
      "value": "El analizador sint\u00e1ctico Jakarta Multipart en Apache Struts 2 en versiones 2.3.x anteriores a la 2.3.32 y versiones 2.5.x anteriores a la 2.5.10.1 no maneja correctamente las excepciones y la generaci\u00f3n de mensajes de error, lo que permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de una cadena #cmd= en un encabezado HTTP de Content-Type, Content-Disposition o Content-Length manipulado."
    }
  ],
  "id": "CVE-2017-5638",
  "lastModified": "2025-10-22T00:16:06.887",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2017-03-11T02:59:00.150",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96729"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037973"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Press/Media Coverage"
      ],
      "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exploit-db.com/exploits/41570"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://github.com/mazen160/struts-pwn"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://isc.sans.edu/diary/22169"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://struts.apache.org/docs/s2-045.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://struts.apache.org/docs/s2-046.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/len-14200"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/theog150/status/841146956135124993"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41614/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/834067"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037973"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Press/Media Coverage"
      ],
      "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exploit-db.com/exploits/41570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://github.com/mazen160/struts-pwn"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://isc.sans.edu/diary/22169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://struts.apache.org/docs/s2-045.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://struts.apache.org/docs/s2-046.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.lenovo.com/us/en/product_security/len-14200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory"
      ],
      "url": "https://twitter.com/theog150/status/841146956135124993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/41614/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/834067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CNVD-2017-02474

Vulnerability from cnvd - Published: 2017-03-07

Title

Apache Struts2存在S2-045远程代码执行漏洞

Description

Apache Struts是一款用于创建企业级Java Web应用的开源框架。 Apache Struts2存在S2-045远程代码执行漏洞。远程攻击者利用该漏洞可直接取得网站服务器控制权。

Severity

高

Patch Name

Apache Struts2存在S2-045远程代码执行漏洞的补丁

Patch Description

Apache Struts是一款用于创建企业级Java Web应用的开源框架。 Apache Struts2存在S2-045远程代码执行漏洞。远程攻击者利用该漏洞可直接取得网站服务器控制权。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

Apache Struts官方已在发布的新的版本中修复了该漏洞。建议使用Jakarta Multipart parser模块的用户升级到Apache Struts版本2.3.32或2.5.10.1： https://cwiki.apache.org/confluence/display/WW/S2-045

Reference

https://cwiki.apache.org/confluence/display/WW/S2-045 http://0day5.com/archives/4334/

Impacted products

Name
['Apache struts >=2.3.5，<=2.3.31', 'Apache struts >=2.5，<=2.5.10']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5638"
    }
  },
  "description": "Apache Struts\u662f\u4e00\u6b3e\u7528\u4e8e\u521b\u5efa\u4f01\u4e1a\u7ea7Java Web\u5e94\u7528\u7684\u5f00\u6e90\u6846\u67b6\u3002\r\n\r\nApache Struts2\u5b58\u5728S2-045\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u76f4\u63a5\u53d6\u5f97\u7f51\u7ad9\u670d\u52a1\u5668\u63a7\u5236\u6743\u3002",
  "discovererName": "nike.zheng",
  "formalWay": "Apache Struts\u5b98\u65b9\u5df2\u5728\u53d1\u5e03\u7684\u65b0\u7684\u7248\u672c\u4e2d\u4fee\u590d\u4e86\u8be5\u6f0f\u6d1e\u3002\u5efa\u8bae\u4f7f\u7528Jakarta Multipart parser\u6a21\u5757\u7684\u7528\u6237\u5347\u7ea7\u5230Apache Struts\u7248\u672c2.3.32\u62162.5.10.1\uff1a\r\nhttps://cwiki.apache.org/confluence/display/WW/S2-045",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-02474",
  "openTime": "2017-03-07",
  "patchDescription": "Apache Struts\u662f\u4e00\u6b3e\u7528\u4e8e\u521b\u5efa\u4f01\u4e1a\u7ea7Java Web\u5e94\u7528\u7684\u5f00\u6e90\u6846\u67b6\u3002\r\n\r\nApache Struts2\u5b58\u5728S2-045\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u76f4\u63a5\u53d6\u5f97\u7f51\u7ad9\u670d\u52a1\u5668\u63a7\u5236\u6743\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Struts2\u5b58\u5728S2-045\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apache struts \u003e=2.3.5\uff0c\u003c=2.3.31",
      "Apache struts  \u003e=2.5\uff0c\u003c=2.5.10"
    ]
  },
  "referenceLink": "https://cwiki.apache.org/confluence/display/WW/S2-045\r\nhttp://0day5.com/archives/4334/",
  "serverity": "\u9ad8",
  "submitTime": "2017-03-07",
  "title": "Apache Struts2\u5b58\u5728S2-045\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

GSD-2017-5638

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-5638

Aliases

CVE-2017-5638

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5638",
    "description": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.",
    "id": "GSD-2017-5638",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-5638.html",
      "https://packetstormsecurity.com/files/cve/CVE-2017-5638"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5638"
      ],
      "details": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.",
      "id": "GSD-2017-5638",
      "modified": "2023-12-13T01:21:13.973416Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2017-5638",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "product": "Struts",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.",
      "vendorProject": "Apache",
      "vulnerabilityName": "Apache Struts Jakarta Multipart parser exception handling vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2017-5638",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Struts",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2.3.x before 2.3.32"
                        },
                        {
                          "version_value": "2.5.x before 2.5.10.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html",
            "refsource": "MISC",
            "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
          },
          {
            "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt",
            "refsource": "CONFIRM",
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
          },
          {
            "name": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/",
            "refsource": "MISC",
            "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
          },
          {
            "name": "41570",
            "refsource": "EXPLOIT-DB",
            "url": "https://exploit-db.com/exploits/41570"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20170310-0001/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
          },
          {
            "name": "https://github.com/rapid7/metasploit-framework/issues/8064",
            "refsource": "MISC",
            "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
          },
          {
            "name": "https://struts.apache.org/docs/s2-046.html",
            "refsource": "CONFIRM",
            "url": "https://struts.apache.org/docs/s2-046.html"
          },
          {
            "name": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html",
            "refsource": "MISC",
            "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
          },
          {
            "name": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/",
            "refsource": "MISC",
            "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
          },
          {
            "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us",
            "refsource": "CONFIRM",
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
          },
          {
            "name": "VU#834067",
            "refsource": "CERT-VN",
            "url": "https://www.kb.cert.org/vuls/id/834067"
          },
          {
            "name": "https://isc.sans.edu/diary/22169",
            "refsource": "MISC",
            "url": "https://isc.sans.edu/diary/22169"
          },
          {
            "name": "https://struts.apache.org/docs/s2-045.html",
            "refsource": "CONFIRM",
            "url": "https://struts.apache.org/docs/s2-045.html"
          },
          {
            "name": "1037973",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037973"
          },
          {
            "name": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html",
            "refsource": "MISC",
            "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
          },
          {
            "name": "96729",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/96729"
          },
          {
            "name": "https://twitter.com/theog150/status/841146956135124993",
            "refsource": "MISC",
            "url": "https://twitter.com/theog150/status/841146956135124993"
          },
          {
            "name": "https://github.com/mazen160/struts-pwn",
            "refsource": "MISC",
            "url": "https://github.com/mazen160/struts-pwn"
          },
          {
            "name": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt",
            "refsource": "MISC",
            "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
          },
          {
            "name": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145",
            "refsource": "CONFIRM",
            "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
          },
          {
            "name": "https://support.lenovo.com/us/en/product_security/len-14200",
            "refsource": "CONFIRM",
            "url": "https://support.lenovo.com/us/en/product_security/len-14200"
          },
          {
            "name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a",
            "refsource": "CONFIRM",
            "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"
          },
          {
            "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us",
            "refsource": "CONFIRM",
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
          },
          {
            "name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228",
            "refsource": "CONFIRM",
            "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"
          },
          {
            "name": "https://cwiki.apache.org/confluence/display/WW/S2-045",
            "refsource": "CONFIRM",
            "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
          },
          {
            "name": "41614",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/41614/"
          },
          {
            "name": "https://cwiki.apache.org/confluence/display/WW/S2-046",
            "refsource": "CONFIRM",
            "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us",
            "refsource": "CONFIRM",
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
          },
          {
            "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/",
            "refsource": "MISC",
            "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
          },
          {
            "name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
          },
          {
            "name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
          },
          {
            "name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[2.3.5,2.3.14.3],[2.3.15,2.3.15.3],[2.3.16,2.3.16.3],[2.3.17], [2.3.19,2.3.20.3],[2.3.21,2.3.24.3],[2.3.25,2.3.28.1],[2.3.29,2.3.31], [2.5,2.5.10]",
          "affected_versions": "All versions starting from 2.3.5 up to 2.3.14.3, all versions starting from 2.3.15 up to 2.3.15.3, all versions starting from 2.3.16 up to 2.3.16.3, version 2.3.17, all versions starting from 2.3.19 up to 2.3.20.3, all versions starting from 2.3.21 up to 2.3.24.3, all versions starting from 2.3.25 up to 2.3.28.1, all versions starting from 2.3.29 up to 2.3.31, all versions starting from 2.5 up to 2.5.10",
          "cvss_v2": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2018-03-04",
          "description": "The Jakarta Multipart parser in Apache has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted `Content-Type`, `Content-Disposition`, or `Content-Length` HTTP header.",
          "fixed_versions": [
            "2.3.32",
            "2.5.10.1"
          ],
          "identifier": "CVE-2017-5638",
          "identifiers": [
            "CVE-2017-5638"
          ],
          "not_impacted": "All versions before 2.3.5, all versions after 2.3.14.3 before 2.3.15, all versions after 2.3.15.3 before 2.3.16, all versions after 2.3.16.3 before 2.3.17, all versions after 2.3.17 before 2.3.19, all versions after 2.3.20.3 before 2.3.21, all versions after 2.3.24.3 before 2.3.25, all versions after 2.3.28.1 before 2.3.29, all versions after 2.3.31 before 2.5, all versions after 2.5.10",
          "package_slug": "maven/org.apache.struts/struts2-core",
          "pubdate": "2017-03-11",
          "solution": "Upgrade to versions 2.3.32, 2.5.10.1 or above.",
          "title": "Possible Remote Code Execution when performing file upload based on Jakarta Multipart parser.",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-5638",
            "http://www.securityfocus.com/bid/96729",
            "https://cwiki.apache.org/confluence/display/WW/S2-045",
            "https://exploit-db.com/exploits/41570",
            "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt",
            "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638"
          ],
          "uuid": "40296bd2-1706-4e1b-9f25-8636282fb531"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2017-5638"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://isc.sans.edu/diary/22169",
              "refsource": "MISC",
              "tags": [
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "https://isc.sans.edu/diary/22169"
            },
            {
              "name": "https://github.com/rapid7/metasploit-framework/issues/8064",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
            },
            {
              "name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"
            },
            {
              "name": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"
            },
            {
              "name": "https://cwiki.apache.org/confluence/display/WW/S2-045",
              "refsource": "CONFIRM",
              "tags": [
                "Mitigation",
                "Vendor Advisory"
              ],
              "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
            },
            {
              "name": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/",
              "refsource": "MISC",
              "tags": [
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
            },
            {
              "name": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html",
              "refsource": "MISC",
              "tags": [
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
            },
            {
              "name": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "VDB Entry"
              ],
              "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
            },
            {
              "name": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
            },
            {
              "name": "https://github.com/mazen160/struts-pwn",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "https://github.com/mazen160/struts-pwn"
            },
            {
              "name": "41570",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "VDB Entry"
              ],
              "url": "https://exploit-db.com/exploits/41570"
            },
            {
              "name": "https://twitter.com/theog150/status/841146956135124993",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://twitter.com/theog150/status/841146956135124993"
            },
            {
              "name": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/",
              "refsource": "MISC",
              "tags": [
                "Press/Media Coverage"
              ],
              "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"
            },
            {
              "name": "96729",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/96729"
            },
            {
              "name": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html",
              "refsource": "MISC",
              "tags": [
                "Press/Media Coverage"
              ],
              "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
            },
            {
              "name": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/",
              "refsource": "MISC",
              "tags": [],
              "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/len-14200",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.lenovo.com/us/en/product_security/len-14200"
            },
            {
              "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
            },
            {
              "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
            },
            {
              "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
            },
            {
              "name": "1037973",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1037973"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "41614",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/41614/"
            },
            {
              "name": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
            },
            {
              "name": "https://struts.apache.org/docs/s2-046.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://struts.apache.org/docs/s2-046.html"
            },
            {
              "name": "https://struts.apache.org/docs/s2-045.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://struts.apache.org/docs/s2-045.html"
            },
            {
              "name": "https://cwiki.apache.org/confluence/display/WW/S2-046",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
            },
            {
              "name": "VU#834067",
              "refsource": "CERT-VN",
              "tags": [],
              "url": "https://www.kb.cert.org/vuls/id/834067"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20170310-0001/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20170310-0001/"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
            },
            {
              "name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
            },
            {
              "name": "[announce] 20210125 Apache Software Foundation Security Report: 2020",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
            },
            {
              "name": "[announce] 20210223 Re: Apache Software Foundation Security Report: 2020",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2021-02-24T12:15Z",
      "publishedDate": "2017-03-11T02:59Z"
    }
  }
}

CERTFR-2017-AVI-122

Vulnerability from certfr_avis - Published: 2017-04-19 - Updated: 2017-04-19

De multiples vulnérabilités ont été corrigées dans Oracle MySQL. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	MySQL	Oracle MySQL Cluster versions 7.2.27 et antérieures
Oracle	MySQL	Oracle MySQL Enterprise Backup versions 3.12.3 et antérieures
Oracle	MySQL	Oracle MySQL Connectors versions 5.1.41 et antérieures
Oracle	MySQL	Oracle MySQL Cluster versions 7.4.14 et antérieures
Oracle	MySQL	Oracle MySQL Enterprise Monitor versions 3.2.1182 et antérieures
Oracle	MySQL	Oracle MySQL Enterprise Backup versions 4.0.3 et antérieures
Oracle	MySQL	Oracle MySQL Workbench versions 6.3.8 et antérieures
Oracle	MySQL	Oracle MySQL Server versions 5.6.35 et antérieures
Oracle	MySQL	Oracle MySQL Enterprise Monitor versions 3.1.6.8003 et antérieures
Oracle	MySQL	Oracle MySQL Enterprise Monitor versions 3.3.2.1162 et antérieures
Oracle	MySQL	Oracle MySQL Server versions 5.7.17 et antérieures
Oracle	MySQL	Oracle MySQL Connectors versions 2.1.5 et antérieures
Oracle	MySQL	Oracle MySQL Cluster versions 7.5.5 et antérieures
Oracle	MySQL	Oracle MySQL Server versions 5.5.54 et antérieures
Oracle	MySQL	Oracle MySQL Cluster versions 7.3.16 et antérieures

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpuapr2017verbose-3236619 du 18 avril 2017	None	vendor-advisory
Bulletin de sécurité Oracle cpuapr2017-3236618 du 18 avril 2017	None	vendor-advisory
Bulletin de sécurité Oracle cpuapr2017-3236618 du 18 avril 2017	-	other
Bulletin de sécurité Oracle cpuapr2017verbose-3236619 du 18 avril 2017	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle MySQL Cluster versions 7.2.27 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Enterprise Backup versions 3.12.3 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Connectors versions 5.1.41 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Cluster versions 7.4.14 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Enterprise Monitor versions 3.2.1182 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Enterprise Backup versions 4.0.3 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Workbench versions 6.3.8 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Server versions 5.6.35 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Enterprise Monitor versions 3.1.6.8003 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Enterprise Monitor versions 3.3.2.1162 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Server versions 5.7.17 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Connectors versions 2.1.5 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Cluster versions 7.5.5 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Server versions 5.5.54 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle MySQL Cluster versions 7.3.16 et ant\u00e9rieures",
      "product": {
        "name": "MySQL",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-3458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3458"
    },
    {
      "name": "CVE-2017-3462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3462"
    },
    {
      "name": "CVE-2017-3467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3467"
    },
    {
      "name": "CVE-2017-3306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3306"
    },
    {
      "name": "CVE-2017-3456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3456"
    },
    {
      "name": "CVE-2016-3092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3092"
    },
    {
      "name": "CVE-2017-3468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3468"
    },
    {
      "name": "CVE-2016-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2176"
    },
    {
      "name": "CVE-2017-3600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3600"
    },
    {
      "name": "CVE-2017-3731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3731"
    },
    {
      "name": "CVE-2017-3460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3460"
    },
    {
      "name": "CVE-2016-6303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6303"
    },
    {
      "name": "CVE-2017-3307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3307"
    },
    {
      "name": "CVE-2017-3453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3453"
    },
    {
      "name": "CVE-2017-3469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3469"
    },
    {
      "name": "CVE-2017-3590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3590"
    },
    {
      "name": "CVE-2017-3308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3308"
    },
    {
      "name": "CVE-2017-3599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3599"
    },
    {
      "name": "CVE-2017-3586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3586"
    },
    {
      "name": "CVE-2017-3463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3463"
    },
    {
      "name": "CVE-2017-3732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3732"
    },
    {
      "name": "CVE-2017-3461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3461"
    },
    {
      "name": "CVE-2017-3455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3455"
    },
    {
      "name": "CVE-2017-3302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3302"
    },
    {
      "name": "CVE-2017-3454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3454"
    },
    {
      "name": "CVE-2017-3450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3450"
    },
    {
      "name": "CVE-2017-3457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3457"
    },
    {
      "name": "CVE-2017-3465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3465"
    },
    {
      "name": "CVE-2017-3589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3589"
    },
    {
      "name": "CVE-2017-3452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3452"
    },
    {
      "name": "CVE-2017-3331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3331"
    },
    {
      "name": "CVE-2017-3464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3464"
    },
    {
      "name": "CVE-2017-3304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3304"
    },
    {
      "name": "CVE-2017-5638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5638"
    },
    {
      "name": "CVE-2017-3305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3305"
    },
    {
      "name": "CVE-2017-3329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3329"
    },
    {
      "name": "CVE-2017-3309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3309"
    },
    {
      "name": "CVE-2017-3459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3459"
    }
  ],
  "initial_release_date": "2017-04-19T00:00:00",
  "last_revision_date": "2017-04-19T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril    2017",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18    avril 2017",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html#MSQL"
    }
  ],
  "reference": "CERTFR-2017-AVI-122",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle MySQL\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18 avril 2017",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril 2017",
      "url": null
    }
  ]
}

CERTFR-2017-AVI-071

Vulnerability from certfr_avis - Published: 2017-03-09 - Updated: 2017-03-09

Une vulnérabilité a été corrigée dans Apache Struts. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apache	Struts	Apache Struts versions 2.5.x antérieures à 2.5.10.1
	Apache	Struts	Apache Struts versions 2.3.x antérieures à 2.3.32

References

Title

Publication Time

Tags

Bulletin de sécurité Apache S2-045 du 06 mars 2017

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apache Struts versions 2.5.x ant\u00e9rieures \u00e0 2.5.10.1",
      "product": {
        "name": "Struts",
        "vendor": {
          "name": "Apache",
          "scada": false
        }
      }
    },
    {
      "description": "Apache Struts versions 2.3.x ant\u00e9rieures \u00e0 2.3.32",
      "product": {
        "name": "Struts",
        "vendor": {
          "name": "Apache",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-5638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5638"
    }
  ],
  "initial_release_date": "2017-03-09T00:00:00",
  "last_revision_date": "2017-03-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-071",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-03-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eApache\nStruts\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Apache Struts",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apache S2-045 du 06 mars 2017",
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
    }
  ]
}

GHSA-J77Q-2QQG-6989

Vulnerability from github – Published: 2018-10-18 19:24 – Updated: 2025-10-22 17:33

Summary

Apache Struts vulnerable to remote arbitrary command execution due to improper input validation

Details

Apache Struts versions prior to 2.3.32 and 2.5.10.1 contain incorrect exception handling and error-message generation during file-upload attempts using the Jakarta Multipart parser, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

Severity ?

10.0 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.3.31"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.struts:struts2-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.32"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.5.10"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.struts:struts2-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-5638"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:42:23Z",
    "nvd_published_at": "2017-03-11T02:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "Apache Struts versions prior to 2.3.32 and 2.5.10.1 contain incorrect exception handling and error-message generation during file-upload attempts using the Jakarta Multipart parser, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.",
  "id": "GHSA-j77q-2qqg-6989",
  "modified": "2025-10-22T17:33:25Z",
  "published": "2018-10-18T19:24:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5638"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rapid7/metasploit-framework/issues/8064"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/struts/commit/b06dd50af2a3319dd896bf5c2f4972d2b772cf2b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/struts/commit/352306493971e7d5a756d61780d57a76eb1f519a"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20170310-0001"
    },
    {
      "type": "WEB",
      "url": "https://struts.apache.org/docs/s2-045.html"
    },
    {
      "type": "WEB",
      "url": "https://struts.apache.org/docs/s2-046.html"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/len-14200"
    },
    {
      "type": "WEB",
      "url": "https://twitter.com/theog150/status/841146956135124993"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20170311203630/http://www.securityfocus.com/bid/96729"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20170921030226/http://www.securitytracker.com/id/1037973"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/41614"
    },
    {
      "type": "WEB",
      "url": "https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/834067"
    },
    {
      "type": "WEB",
      "url": "https://www.symantec.com/security-center/network-protection-security-advisories/SA145"
    },
    {
      "type": "WEB",
      "url": "https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites"
    },
    {
      "type": "WEB",
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
    },
    {
      "type": "WEB",
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-046"
    },
    {
      "type": "WEB",
      "url": "https://exploit-db.com/exploits/41570"
    },
    {
      "type": "WEB",
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"
    },
    {
      "type": "WEB",
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"
    },
    {
      "type": "WEB",
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"
    },
    {
      "type": "WEB",
      "url": "https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-j77q-2qqg-6989"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/struts"
    },
    {
      "type": "WEB",
      "url": "https://github.com/mazen160/struts-pwn"
    },
    {
      "type": "WEB",
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03733en_us"
    },
    {
      "type": "WEB",
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03749en_us"
    },
    {
      "type": "WEB",
      "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03723en_us"
    },
    {
      "type": "WEB",
      "url": "https://isc.sans.edu/diary/22169"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"
    },
    {
      "type": "WEB",
      "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution"
    },
    {
      "type": "WEB",
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96729"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037973"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Struts vulnerable to remote arbitrary command execution due to improper input validation"
}

CERTFR-2017-ALE-004

Vulnerability from certfr_alerte - Published: 2017-03-10 - Updated: 2017-05-10

Une vulnérabilité a été découverte dans Apache Struts. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Description

Une vulnérabilité dans Struts permet une exécution de code arbitraire à distance.
Le 06 mars 2017, Apache a publié le bulletin de sécurité S2-045 (cf. section Documentation) afin de fournir un correctif de sécurité.
Depuis, cette vulnérabilité est activement exploitée.
Au vu de l'impact et du faible niveau de technicité nécessaire à l'exploitation de cette vulnérabilité, le CERT-FR recommande donc le déploiement du correctif dans les plus brefs délais.
Si les applications vulnérables contiennent des données sensibles, il est également fortement conseillé de les désactiver tant que la mise à jour n'a pas été appliquée.
Le 20 mars 2017, le CERT-FR a publié un article concernant cette vulnérabilité dans son bulletin d'actualité hebdomadaire (cf. section Documentation).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apache	Struts	Apache Struts versions 2.5.x antérieures à 2.5.10.1
	Apache	Struts	Apache Struts versions 2.3.x antérieures à 2.3.32

References

Title

Publication Time

Tags

Bulletin de sécurité Apache S2-045 du 10 mars 2017	None	vendor-advisory
Bulletin d'actualité CERT-FR CERTFR-2017-ACT-012	-	other
Billet Trend Micro	-	other
Avis CERT-FR CERTFR-2017-AVI-071	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apache Struts versions 2.5.x ant\u00e9rieures \u00e0 2.5.10.1",
      "product": {
        "name": "Struts",
        "vendor": {
          "name": "Apache",
          "scada": false
        }
      }
    },
    {
      "description": "Apache Struts versions 2.3.x ant\u00e9rieures \u00e0 2.3.32",
      "product": {
        "name": "Struts",
        "vendor": {
          "name": "Apache",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2017-05-10",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans Struts permet une ex\u00e9cution de code arbitraire \u00e0\ndistance.  \nLe 06 mars 2017, Apache a publi\u00e9 le bulletin de s\u00e9curit\u00e9 S2-045 (cf.\nsection Documentation) afin de fournir un correctif de s\u00e9curit\u00e9.  \nDepuis, cette vuln\u00e9rabilit\u00e9 est activement exploit\u00e9e.  \nAu vu de l\u0027impact et du faible niveau de technicit\u00e9 n\u00e9cessaire \u00e0\nl\u0027exploitation de cette vuln\u00e9rabilit\u00e9, le CERT-FR recommande donc le\nd\u00e9ploiement du correctif dans les plus brefs d\u00e9lais.  \nSi les applications vuln\u00e9rables contiennent des donn\u00e9es sensibles, il\nest \u00e9galement fortement conseill\u00e9 de les d\u00e9sactiver tant que la mise \u00e0\njour n\u0027a pas \u00e9t\u00e9 appliqu\u00e9e.  \nLe 20 mars 2017, le CERT-FR a publi\u00e9 un article concernant cette\nvuln\u00e9rabilit\u00e9 dans son bulletin d\u0027actualit\u00e9 hebdomadaire (cf. section\nDocumentation).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-5638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5638"
    }
  ],
  "initial_release_date": "2017-03-10T00:00:00",
  "last_revision_date": "2017-05-10T00:00:00",
  "links": [
    {
      "title": "Bulletin d\u0027actualit\u00e9 CERT-FR CERTFR-2017-ACT-012",
      "url": "http://www.cert.ssi.gouv.fr/site/CERTFR-2017-ACT-012/index.html"
    },
    {
      "title": "Billet Trend Micro",
      "url": "http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"
    },
    {
      "title": "Avis CERT-FR CERTFR-2017-AVI-071",
      "url": "http://www.cert.ssi.gouv.fr/site/CERTFR-2017-AVI-071/index.html"
    }
  ],
  "reference": "CERTFR-2017-ALE-004",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-03-10T00:00:00.000000"
    },
    {
      "description": "passage du titre au singulier.",
      "revision_date": "2017-03-13T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin d\u0027actualit\u00e9 CERT-FR CERTFR-2017-ACT-012.",
      "revision_date": "2017-03-22T00:00:00.000000"
    },
    {
      "description": "cl\u00f4ture de l\u0027alerte.",
      "revision_date": "2017-05-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eApache\nStruts\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Apache Struts",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apache S2-045 du 10 mars 2017",
      "url": "https://cwiki.apache.org/confluence/display/WW/S2-045"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-5638 (GCVE-0-2017-5638)

FKIE_CVE-2017-5638

CNVD-2017-02474

GSD-2017-5638

CERTFR-2017-AVI-122

Solution

CERTFR-2017-AVI-071

Solution

GHSA-J77Q-2QQG-6989

CERTFR-2017-ALE-004

Description

Solution

Tags

Sightings

Nomenclature