HomePentest-Tools.com Logo

Apache Struts Security Update (S2-059, S2-060) CVE-2019-0230CVE-2019-0233

Severity
CVSSv3 Score
7.5
Vulnerability description

Apache Struts is prone to multiple vulnerabilities.

Risk description

The following vulnerabilities exist: - CVE-2019-0230: Forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. - CVE-2019-0233: Access permission override causing a denial of service when performing a file upload.

Recommendation

Update to version 2.5.22 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 14, 2020
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available