ClassLoader manipulation in Apache Struts

GHSA-prjv-jj26-wf8h · CVE-2014-0112

Published May 14, 2022 · Modified Dec 6, 2024

Description

ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2014-0112
WEB https://access.redhat.com/errata/RHSA-2019:0910
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1091939
WEB https://cwiki.apache.org/confluence/display/WW/S2-021
PACKAGE https://github.com/apache/struts
WEB http://jvn.jp/en/jp/JVN19294237/index.html
WEB http://jvndb.jvn.jp/jvndb/JVNDB-2014-000045
WEB http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
WEB http://www-01.ibm.com/support/docview.wss?uid=swg21676706
WEB http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
WEB http://www.vmware.com/security/advisories/VMSA-2014-0007.html

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes