HomePentest-Tools.com Logo

Apache Struts Security Update (S2-012) - Active Check CVE-2013-1965

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Apache Struts is prone to a java method execution vulnerability.

Risk description

The flaw is due to an improper validation of user data passed to the skillName parameter in edit and save actions. Successful exploitation could allow an attacker to execute arbitrary java method. Further that results to disclose environment variables or cause a denial of service or an arbitrary OS command can be executed.

Recommendation

Update to version 2.3.14.3 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jul 10, 2013
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available