CVE-2017-9805
Severity: HIGH | Listed in CISA KEV | CVSS score: 8.1
Description
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
CVE details
CVSS v3.1 score: 8.1
Severity: HIGH
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
User interaction: NONE
Published: 9/15/2017
Last modified: 10/22/2025
Source: kev
Honeypot sightings: 0
CISA KEV
Vendor: Apache
Product: Struts
Vulnerability name: Apache Struts Deserialization of Untrusted Data Vulnerability
KEV inclusion date: 2021-11-03
Remediation deadline: 2022-05-03
Known use in ransomware campaigns: Unknown
Affected products (CPE vendor:product)
apache:struts
cisco:digital_media_manager
cisco:hosted_collaboration_solution
cisco:media_experience_engine
cisco:network_performance_analysis
cisco:video_distribution_suite_for_internet_streaming
netapp:oncommand_balance
Weaknesses (CWE)
CWE-502 (Deserialization of Untrusted Data)
References
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
http://www.securityfocus.com/bid/100609
http://www.securitytracker.com/id/1039263
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
https://bugzilla.redhat.com/show_bug.cgi?id=1488482
https://cwiki.apache.org/confluence/display/WW/S2-052
https://lgtm.com/blog/apache_struts_CVE-2017-9805
https://security.netapp.com/advisory/ntap-20170907-0001/
https://struts.apache.org/docs/s2-052.html
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2
https://www.exploit-db.com/exploits/42627/
https://www.kb.cert.org/vuls/id/112992
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9805
IOC correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.