The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
History
21 Nov 2024, 03:28
Type | Values Removed | Values Added |
---|---|---|
References | () http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html - Exploit, Third Party Advisory | |
References | () http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ - Exploit, Third Party Advisory | |
References | () http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt - Third Party Advisory | |
References | () http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html - Press/Media Coverage, Third Party Advisory | |
References | () http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - Patch, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/96729 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1037973 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ - Exploit, Press/Media Coverage | |
References | () https://cwiki.apache.org/confluence/display/WW/S2-045 - Mitigation, Vendor Advisory | |
References | () https://cwiki.apache.org/confluence/display/WW/S2-046 - Mitigation, Vendor Advisory | |
References | () https://exploit-db.com/exploits/41570 - Exploit, Third Party Advisory, VDB Entry | |
References | () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a - Broken Link | |
References | () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 - Broken Link | |
References | () https://github.com/mazen160/struts-pwn - Exploit | |
References | () https://github.com/rapid7/metasploit-framework/issues/8064 - Exploit, Issue Tracking | |
References | () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us - Broken Link | |
References | () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us - Third Party Advisory | |
References | () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us - Third Party Advisory | |
References | () https://isc.sans.edu/diary/22169 - Exploit, Third Party Advisory | |
References | () https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E - Mailing List | |
References | () https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E - Mailing List | |
References | () https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E - Mailing List | |
References | () https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html - Exploit, Third Party Advisory | |
References | () https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt - Exploit, Third Party Advisory, VDB Entry | |
References | () https://security.netapp.com/advisory/ntap-20170310-0001/ - Third Party Advisory | |
References | () https://struts.apache.org/docs/s2-045.html - Mitigation, Vendor Advisory | |
References | () https://struts.apache.org/docs/s2-046.html - Mitigation, Vendor Advisory | |
References | () https://support.lenovo.com/us/en/product_security/len-14200 - Third Party Advisory | |
References | () https://twitter.com/theog150/status/841146956135124993 - Broken Link, Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/41614/ - Exploit, Third Party Advisory, VDB Entry | |
References | () https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ - Third Party Advisory | |
References | () https://www.kb.cert.org/vuls/id/834067 - Third Party Advisory, US Government Resource | |
References | () https://www.symantec.com/security-center/network-protection-security-advisories/SA145 - Broken Link |
25 Jul 2024, 13:58
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CWE | CWE-755 | |
First Time |
Lenovo storage V5030 Firmware
Ibm storwize V5000 Firmware Ibm Hp Ibm storwize V7000 Netapp oncommand Balance Arubanetworks Ibm storwize V3500 Firmware Oracle Ibm storwize V7000 Firmware Ibm storwize V5000 Oracle weblogic Server Lenovo storage V5030 Hp server Automation Lenovo Arubanetworks clearpass Policy Manager Ibm storwize V3500 Netapp |
|
References | () http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html - Exploit, Third Party Advisory | |
References | () http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ - Exploit, Third Party Advisory | |
References | () http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt - Third Party Advisory | |
References | () http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html - Press/Media Coverage, Third Party Advisory | |
References | () http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - Patch, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/96729 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1037973 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ - Exploit, Press/Media Coverage | |
References | () https://cwiki.apache.org/confluence/display/WW/S2-046 - Mitigation, Vendor Advisory | |
References | () https://exploit-db.com/exploits/41570 - Exploit, Third Party Advisory, VDB Entry | |
References | () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a - Broken Link | |
References | () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 - Broken Link | |
References | () https://github.com/rapid7/metasploit-framework/issues/8064 - Exploit, Issue Tracking | |
References | () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us - Broken Link | |
References | () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us - Third Party Advisory | |
References | () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us - Third Party Advisory | |
References | () https://isc.sans.edu/diary/22169 - Exploit, Third Party Advisory | |
References | () https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E - Mailing List | |
References | () https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E - Mailing List | |
References | () https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E - Mailing List | |
References | () https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html - Exploit, Third Party Advisory | |
References | () https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt - Exploit, Third Party Advisory, VDB Entry | |
References | () https://security.netapp.com/advisory/ntap-20170310-0001/ - Third Party Advisory | |
References | () https://struts.apache.org/docs/s2-045.html - Mitigation, Vendor Advisory | |
References | () https://struts.apache.org/docs/s2-046.html - Mitigation, Vendor Advisory | |
References | () https://support.lenovo.com/us/en/product_security/len-14200 - Third Party Advisory | |
References | () https://twitter.com/theog150/status/841146956135124993 - Broken Link, Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/41614/ - Exploit, Third Party Advisory, VDB Entry | |
References | () https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ - Third Party Advisory | |
References | () https://www.kb.cert.org/vuls/id/834067 - Third Party Advisory, US Government Resource | |
References | () https://www.symantec.com/security-center/network-protection-security-advisories/SA145 - Broken Link | |
CPE | cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.6:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.19:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.22:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.21:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.20.2:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.13:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.3:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.24.2:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.9:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.4:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.8:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.2:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.23:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.10:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.17:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.10:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.5:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.25:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.26:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.7:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.9:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.1:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.5.6:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.11:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.27:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:* |
cpe:2.3:o:ibm:storwize_v5000_firmware:7.7.1.6:*:*:*:*:*:*:* cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:* cpe:2.3:a:hp:server_automation:10.2.0:*:*:*:*:*:*:* cpe:2.3:o:ibm:storwize_v5000_firmware:7.8.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:* cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:* cpe:2.3:o:ibm:storwize_v3500_firmware:7.8.1.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:* cpe:2.3:a:hp:server_automation:10.5.0:*:*:*:*:*:*:* cpe:2.3:a:hp:server_automation:10.0.0:*:*:*:*:*:*:* cpe:2.3:o:lenovo:storage_v5030_firmware:7.7.1.6:*:*:*:*:*:*:* cpe:2.3:a:hp:server_automation:10.1.0:*:*:*:*:*:*:* cpe:2.3:a:hp:server_automation:9.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.2.1.1.0:*:*:*:*:*:*:* cpe:2.3:o:ibm:storwize_v3500_firmware:7.7.1.6:*:*:*:*:*:*:* cpe:2.3:o:ibm:storwize_v7000_firmware:7.8.1.0:*:*:*:*:*:*:* cpe:2.3:o:ibm:storwize_v7000_firmware:7.7.1.6:*:*:*:*:*:*:* cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:* cpe:2.3:o:lenovo:storage_v5030_firmware:7.8.1.0:*:*:*:*:*:*:* cpe:2.3:h:lenovo:storage_v5030:-:*:*:*:*:*:*:* |
07 Nov 2023, 02:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-03-11 02:59
Updated : 2024-11-21 03:28
NVD link : CVE-2017-5638
Mitre link : CVE-2017-5638
CVE.ORG link : CVE-2017-5638
JSON object : View
Products Affected
ibm
- storwize_v7000
- storwize_v5000_firmware
- storwize_v3500_firmware
- storwize_v7000_firmware
- storwize_v3500
- storwize_v5000
arubanetworks
- clearpass_policy_manager
lenovo
- storage_v5030
- storage_v5030_firmware
oracle
- weblogic_server
apache
- struts
netapp
- oncommand_balance
hp
- server_automation
CWE
CWE-755
Improper Handling of Exceptional Conditions