Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.812320
Kategorie:Web application abuses
Titel:Apache Struts Security Update (S2-054, S2-055)
Zusammenfassung:Apache Struts is prone multiple vulnerabilities.
Beschreibung:Summary:
Apache Struts is prone multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An error in 'REST' plugin which is using an outdated JSON-lib library and is not
handling malicious request with specially crafted JSON payload properly.

- An error in the latest Jackson JSON library.

Vulnerability Impact:
Successful exploitation will allow an attacker to
perform a denial of service (DoS) attack or execute arbitrary code in the context of the
affected application.

Affected Software/OS:
Apache Struts 2.5 through 2.5.14.

Solution:
Update to version 2.5.14.1 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 102021
BugTraq ID: 99623
Common Vulnerability Exposure (CVE) ID: CVE-2017-7525
http://www.securityfocus.com/bid/99623
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://bugzilla.redhat.com/show_bug.cgi?id=1462702
https://cwiki.apache.org/confluence/display/WW/S2-055
https://github.com/FasterXML/jackson-databind/issues/1599
https://github.com/FasterXML/jackson-databind/issues/1723
https://security.netapp.com/advisory/ntap-20171214-0002/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Debian Security Information: DSA-4004 (Google Search)
https://www.debian.org/security/2017/dsa-4004
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html
https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E
RedHat Security Advisories: RHSA-2017:1834
https://access.redhat.com/errata/RHSA-2017:1834
RedHat Security Advisories: RHSA-2017:1835
https://access.redhat.com/errata/RHSA-2017:1835
RedHat Security Advisories: RHSA-2017:1836
https://access.redhat.com/errata/RHSA-2017:1836
RedHat Security Advisories: RHSA-2017:1837
https://access.redhat.com/errata/RHSA-2017:1837
RedHat Security Advisories: RHSA-2017:1839
https://access.redhat.com/errata/RHSA-2017:1839
RedHat Security Advisories: RHSA-2017:1840
https://access.redhat.com/errata/RHSA-2017:1840
RedHat Security Advisories: RHSA-2017:2477
https://access.redhat.com/errata/RHSA-2017:2477
RedHat Security Advisories: RHSA-2017:2546
https://access.redhat.com/errata/RHSA-2017:2546
RedHat Security Advisories: RHSA-2017:2547
https://access.redhat.com/errata/RHSA-2017:2547
RedHat Security Advisories: RHSA-2017:2633
https://access.redhat.com/errata/RHSA-2017:2633
RedHat Security Advisories: RHSA-2017:2635
https://access.redhat.com/errata/RHSA-2017:2635
RedHat Security Advisories: RHSA-2017:2636
https://access.redhat.com/errata/RHSA-2017:2636
RedHat Security Advisories: RHSA-2017:2637
https://access.redhat.com/errata/RHSA-2017:2637
RedHat Security Advisories: RHSA-2017:2638
https://access.redhat.com/errata/RHSA-2017:2638
RedHat Security Advisories: RHSA-2017:3141
https://access.redhat.com/errata/RHSA-2017:3141
RedHat Security Advisories: RHSA-2017:3454
https://access.redhat.com/errata/RHSA-2017:3454
RedHat Security Advisories: RHSA-2017:3455
https://access.redhat.com/errata/RHSA-2017:3455
RedHat Security Advisories: RHSA-2017:3456
https://access.redhat.com/errata/RHSA-2017:3456
RedHat Security Advisories: RHSA-2017:3458
https://access.redhat.com/errata/RHSA-2017:3458
RedHat Security Advisories: RHSA-2018:0294
https://access.redhat.com/errata/RHSA-2018:0294
RedHat Security Advisories: RHSA-2018:0342
https://access.redhat.com/errata/RHSA-2018:0342
RedHat Security Advisories: RHSA-2018:1449
https://access.redhat.com/errata/RHSA-2018:1449
RedHat Security Advisories: RHSA-2018:1450
https://access.redhat.com/errata/RHSA-2018:1450
RedHat Security Advisories: RHSA-2019:0910
https://access.redhat.com/errata/RHSA-2019:0910
RedHat Security Advisories: RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:2858
RedHat Security Advisories: RHSA-2019:3149
https://access.redhat.com/errata/RHSA-2019:3149
http://www.securitytracker.com/id/1039744
http://www.securitytracker.com/id/1039947
http://www.securitytracker.com/id/1040360
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.