HIGH 8.1 Maven KEV
REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering
GHSA-gg9m-fj3v-r58c · CVE-2017-9805
Description
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
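As an added illustration (not Struts' own code and not the referenced fix commits), the unfiltered XStream setup the description refers to, next to an allow-listed one built with XStream's security framework; the `Order` class and the sample XML documents are constructed for this example:

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.security.ForbiddenClassException;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;

public class XStreamTypeFiltering {

    // Hypothetical request model that the REST endpoint actually expects.
    public static class Order {
        public String sku;
        public int quantity;
    }

    // Weak setup: the pattern the advisory describes. With no permissions
    // configured, XStream instantiates whatever class name the XML element
    // carries, as long as that class is on the classpath.
    static XStream unfiltered() {
        XStream xs = new XStream();
        xs.alias("order", Order.class);
        return xs;
    }

    // Hardened setup: deny everything first, then allow only the types the
    // endpoint needs. Any other class name in the XML is rejected before
    // instantiation.
    static XStream allowListed() {
        XStream xs = new XStream();
        xs.alias("order", Order.class);
        xs.addPermission(NoTypePermission.NONE);              // start from "nothing"
        xs.addPermission(NullPermission.NULL);                // permit <null/>
        xs.addPermission(PrimitiveTypePermission.PRIMITIVES); // int, boolean, ...
        xs.allowTypes(new Class[] { Order.class, String.class });
        return xs;
    }

    public static void main(String[] args) {
        // Constructed inputs: a legitimate order, and a document naming a class
        // the endpoint never asked for (a harmless one is used here).
        String legit = "<order><sku>ABC-1</sku><quantity>2</quantity></order>";
        String unexpected = "<java.util.HashMap/>";

        Order o = (Order) allowListed().fromXML(legit);
        System.out.println("allow-listed parser accepted: " + o.sku + " x" + o.quantity);

        // Unfiltered: silently builds a HashMap (or any other reachable class).
        System.out.println("unfiltered parser built: " + unfiltered().fromXML(unexpected).getClass());

        try {
            allowListed().fromXML(unexpected);   // hardened: refuses the type
        } catch (ForbiddenClassException e) {
            System.out.println("allow-listed parser rejected: " + e.getMessage());
        }
    }
}
```

The same deny-all-then-allow-list approach applies to any XStream instance that parses untrusted input, independent of the framework wrapping it.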
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-9805
- WEB https://github.com/apache/struts/commit/19494718865f2fb7da5ea363de3822f87fbda26
- WEB https://github.com/apache/struts/commit/6dd6e5cfb7b5e020abffe7e8091bd63fe97c10a
- WEB https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
- WEB https://bugzilla.redhat.com/show_bug.cgi?id=1488482
- WEB https://cwiki.apache.org/confluence/display/WW/S2-052
- PACKAGE https://github.com/apache/struts
- WEB https://lgtm.com/blog/apache_struts_CVE-2017-9805
- WEB https://security.netapp.com/advisory/ntap-20170907-0001
- WEB https://struts.apache.org/docs/s2-052.html
- WEB https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2
- WEB https://web.archive.org/web/20170909031344/http://www.securityfocus.com/bid/100609
- WEB https://web.archive.org/web/20170922053119/http://www.securitytracker.com/id/1039263
- WEB https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9805
- WEB https://www.exploit-db.com/exploits/42627
- WEB https://www.kb.cert.org/vuls/id/112992
- WEB http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
- WEB http://www.securityfocus.com/bid/100609
- WEB http://www.securitytracker.com/id/1039263