HomePentest-Tools.com Logo

Apache Struts Security Update (S2-056) CVE-2018-1327

Severity
CVSSv3 Score
7.5
Vulnerability description

Apache Struts is prone to a denial of service (DoS) vulnerability.

Risk description

The flaw is due to REST Plugin which is using XStream library which is vulnerable and allow to perform a DoS attack when using a malicious request with specially crafted XML payload. Successful exploitation will allow attacker to perform a DoS attack when using a malicious request with specially crafted XML payload.

Recommendation

Update to version 2.5.16 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 27, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available