CVE-2017-9805
Severity: HIGH | Listed in CISA KEV | CVSS 8.1
Description
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads. Only deployments that ship the REST plugin (struts2-rest-plugin) are exposed; an unauthenticated remote attacker triggers the flaw by sending a crafted XML body to an endpoint served by the plugin. The fix in 2.3.34 and 2.5.13 restricts which types the plugin's XStream instance will deserialize.
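The following is an added example, not code from this page or from the Apache Struts project. It encodes the affected ranges exactly as the description states them (2.1.1 up to but not including 2.3.34, and 2.5.0 up to but not including 2.5.13) and applies them to a listing of jar file names. The jar-name scanning and the requirement that a struts2-rest-plugin jar be present before reporting a finding are assumptions of this example, meant to reflect that the bug lives in the REST plugin rather than in Struts core; the sample listing at the bottom is constructed.

```python
"""Triage helper for CVE-2017-9805 (S2-052): is this Struts 2 deployment in an affected range?

Added example, not from the page or from Apache Struts. Ranges come from the CVE
description; the jar-name heuristic and the "REST plugin must be present" rule
are assumptions of this example.
"""
import re
from typing import Iterable, Optional, Tuple

# [lo, hi) ranges from the description: 2.1.1 through 2.3.x before 2.3.34, 2.5.x before 2.5.13
AFFECTED_RANGES = (
    ((2, 1, 1), (2, 3, 34)),
    ((2, 5, 0), (2, 5, 13)),
)
FIXED_VERSIONS = ("2.3.34", "2.5.13")

# Matches e.g. struts2-rest-plugin-2.5.12.jar or struts2-core-2.3.34-SNAPSHOT.jar
JAR_RE = re.compile(
    r"^(struts2-core|struts2-rest-plugin)-(\d+(?:\.\d+)*)(?:[-.][A-Za-z0-9.-]*)?\.jar$"
)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.5.12' or '2.3.33.1' into a tuple of ints; qualifiers such as '-SNAPSHOT' are dropped.

    Versions with fewer than three components are padded with zeros so '2.5' compares like 2.5.0.
    """
    m = re.match(r"(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"not a version string: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    while len(parts) < 3:
        parts += (0,)
    return parts


def is_affected(version: str) -> bool:
    """True if the version falls inside one of the affected ranges (tuple comparison, half-open)."""
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def scan_jar_names(names: Iterable[str]) -> dict:
    """Inspect a listing of jar paths/names and decide whether the REST plugin is exposed.

    The decision is made on the struts2-rest-plugin jar's version, because that is the
    vulnerable component; struts2-core is reported for context only. With no REST plugin
    jar present the deployment is reported as not vulnerable to this CVE.
    """
    found: dict = {"struts2-core": None, "struts2-rest-plugin": None}
    for name in names:
        base = name.strip().replace("\\", "/").rsplit("/", 1)[-1]
        m = JAR_RE.match(base)
        if m:
            found[m.group(1)] = m.group(2)
    core: Optional[str] = found["struts2-core"]
    rest: Optional[str] = found["struts2-rest-plugin"]
    vulnerable = rest is not None and is_affected(rest)
    return {
        "core": core,
        "rest_plugin": rest,
        "vulnerable": vulnerable,
        "fix": FIXED_VERSIONS if vulnerable else None,
    }


# Constructed sample listing (not a real deployment): a 2.5.12 app with the REST plugin deployed.
SAMPLE_LIB_LISTING = [
    "WEB-INF/lib/commons-lang3-3.6.jar",
    "WEB-INF/lib/struts2-core-2.5.12.jar",
    "WEB-INF/lib/struts2-rest-plugin-2.5.12.jar",
    "WEB-INF/lib/xstream-1.4.10.jar",
]


if __name__ == "__main__":
    print(scan_jar_names(SAMPLE_LIB_LISTING))
```

Feed it the output of `unzip -l app.war` or an `ls WEB-INF/lib` listing. A core jar in range without a REST plugin jar is reported as not vulnerable to this CVE specifically, which is the right triage answer here but says nothing about other Struts advisories.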
CVE details
CVSS v3.1 score: 8.1
Severity: HIGH
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
User interaction: NONE
Published: 2017-09-15
Last modified: 2025-10-22
Source: kev
Honeypot observations: 0
CISA KEV
Vendor: Apache
Product: Struts
Vulnerability name: Apache Struts Deserialization of Untrusted Data Vulnerability
Date added to KEV: 2021-11-03
Remediation due date: 2022-05-03
Known use in ransomware campaigns: Unknown
Affected products
apache:struts
cisco:digital_media_manager
cisco:hosted_collaboration_solution
cisco:media_experience_engine
cisco:network_performance_analysis
cisco:video_distribution_suite_for_internet_streaming
netapp:oncommand_balance
Weaknesses (CWE)
CWE-502 (Deserialization of Untrusted Data)
References
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/100609 (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039263 (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1488482 (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://cwiki.apache.org/confluence/display/WW/S2-052 (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://lgtm.com/blog/apache_struts_CVE-2017-9805 (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20170907-0001/ (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://struts.apache.org/docs/s2-052.html (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2 (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/42627/ (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/112992 (security@apache.org, af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9805 (134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC correlations
No correlation recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.