TROYANOSYVIRUS
Retour aux CVEs

CVE-2018-11776

HIGHCISA KEV
8.1

Description

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.

Details CVE

Score CVSS v3.18.1
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisNONE
Interaction utilisateurNONE
Publie8/22/2018
Derniere modification10/27/2025
Sourcekev
Observations honeypot0

CISA KEV

FournisseurApache
ProduitStruts
Nom vulnerabiliteApache Struts Remote Code Execution Vulnerability
Date ajout KEV2021-11-03
Date limite remediation2022-05-03
Utilise dans ransomwareUnknown

Produits affectes

apache:strutsnetapp:active_iq_unified_managernetapp:oncommand_insightnetapp:oncommand_workflow_automationnetapp:snapcenteroracle:communications_policy_managementoracle:enterprise_manager_base_platformoracle:mysql_enterprise_monitor

References

http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html(security@apache.org)
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt(security@apache.org)
http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html(security@apache.org)
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html(security@apache.org)
http://www.securityfocus.com/bid/105125(security@apache.org)
http://www.securitytracker.com/id/1041547(security@apache.org)
http://www.securitytracker.com/id/1041888(security@apache.org)
https://cwiki.apache.org/confluence/display/WW/S2-057(security@apache.org)
https://github.com/hook-s3c/CVE-2018-11776-Python-PoC(security@apache.org)
https://lgtm.com/blog/apache_struts_CVE-2018-11776(security@apache.org)
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E(security@apache.org)
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012(security@apache.org)
https://security.netapp.com/advisory/ntap-20180822-0001/(security@apache.org)
https://security.netapp.com/advisory/ntap-20181018-0002/(security@apache.org)
https://www.exploit-db.com/exploits/45260/(security@apache.org)
https://www.exploit-db.com/exploits/45262/(security@apache.org)
https://www.exploit-db.com/exploits/45367/(security@apache.org)
https://www.oracle.com/security-alerts/cpujul2020.html(security@apache.org)
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html(security@apache.org)
http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/105125(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1041547(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1041888(af854a3a-2127-422b-91ae-364da2661108)
https://cwiki.apache.org/confluence/display/WW/S2-057(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/hook-s3c/CVE-2018-11776-Python-PoC(af854a3a-2127-422b-91ae-364da2661108)
https://lgtm.com/blog/apache_struts_CVE-2018-11776(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20180822-0001/(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20181018-0002/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45260/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45262/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45367/(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2020.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-11776(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.