CVE-2017-9805
Severity: HIGH | Listed in CISA KEV | CVSS v3.1 base score: 8.1

Description

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
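The version ranges in the description are the practical check for this CVE: the fix is to move to 2.3.34 or 2.5.13 (or remove the REST plugin if it is not needed). The following is an added example, not code from this page or from the Struts project, that turns those ranges into a version test and looks for the struts2-rest-plugin dependency in a Maven pom.xml, resolving a `${...}` property the way Maven would. The pom content is constructed for the example; the range boundaries are taken directly from the description above.

```python
import re
import xml.etree.ElementTree as ET
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Half-open intervals [low, high) over (major, minor, patch), taken from the
# CVE-2017-9805 description: 2.1.1 through 2.3.x before 2.3.34, and 2.5.x before 2.5.13.
AFFECTED_RANGES = (
    ((2, 1, 1), (2, 3, 34)),
    ((2, 5, 0), (2, 5, 13)),
)
FIXED_VERSIONS = ("2.3.34", "2.5.13")

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str) -> Optional[Version]:
    """Parse 'major.minor[.patch]' from a Struts version string.

    Trailing qualifiers such as '-SNAPSHOT' or '.RC1' are ignored; a missing
    patch component is treated as 0 (so '2.5' is 2.5.0). Returns None when the
    string does not start with a numeric version.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(version: str) -> bool:
    """True if the given Struts version falls inside an affected range."""
    v = parse_version(version)
    if v is None:
        return False
    return any(low <= v < high for low, high in AFFECTED_RANGES)


def find_rest_plugin_version(pom_xml: str) -> Optional[str]:
    """Return the declared version of org.apache.struts:struts2-rest-plugin in a
    pom.xml string, or None if the plugin is not a direct dependency.

    A version written as ${prop} is resolved against the <properties> block;
    transitive dependencies and parent POMs are not considered (assumption of
    this example: the real build's effective POM is the authoritative source).
    """
    root = ET.fromstring(pom_xml)
    # Maven POMs carry a default namespace; derive the prefix from the root tag.
    ns = root.tag[: root.tag.index("}") + 1] if root.tag.startswith("{") else ""
    props = {
        p.tag[len(ns):]: (p.text or "").strip()
        for p in root.findall(f"{ns}properties/*")
    }
    for dep in root.iter(f"{ns}dependency"):
        gid = (dep.findtext(f"{ns}groupId") or "").strip()
        aid = (dep.findtext(f"{ns}artifactId") or "").strip()
        if gid == "org.apache.struts" and aid == "struts2-rest-plugin":
            ver = (dep.findtext(f"{ns}version") or "").strip()
            m = re.fullmatch(r"\$\{([^}]+)\}", ver)
            if m:
                ver = props.get(m.group(1), ver)
            return ver or None
    return None


# Constructed sample pom.xml for the example (not from any real project).
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <groupId>example</groupId>
  <artifactId>demo-app</artifactId>
  <version>1.0</version>
  <properties>
    <struts2.version>2.5.12</struts2.version>
  </properties>
  <dependencies>
    <dependency>
      <groupId>org.apache.struts</groupId>
      <artifactId>struts2-core</artifactId>
      <version>${struts2.version}</version>
    </dependency>
    <dependency>
      <groupId>org.apache.struts</groupId>
      <artifactId>struts2-rest-plugin</artifactId>
      <version>${struts2.version}</version>
    </dependency>
  </dependencies>
</project>
"""


if __name__ == "__main__":
    ver = find_rest_plugin_version(SAMPLE_POM)
    if ver is None:
        print("struts2-rest-plugin not declared; CVE-2017-9805 does not apply")
    elif is_affected(ver):
        print(f"struts2-rest-plugin {ver} is affected; upgrade to one of {FIXED_VERSIONS}")
    else:
        print(f"struts2-rest-plugin {ver} is outside the affected ranges")
```

The check deliberately keys on the REST plugin artifact rather than on struts2-core alone, because the vulnerable XStreamHandler lives in the plugin; an application that ships an affected core version without the REST plugin is not exposed through this CVE.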
CVE Details

- CVSS v3.1 score: 8.1
- Severity: HIGH
- CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Attack vector: NETWORK
- Attack complexity: HIGH
- Privileges required: NONE
- User interaction: NONE
- Published: 2017-09-15
- Last modified: 2025-10-22
- Source: kev
- Honeypot sightings: 0
CISA KEV

- Vendor: Apache
- Product: Struts
- Vulnerability name: Apache Struts Deserialization of Untrusted Data Vulnerability
- Date added to KEV: 2021-11-03
- Remediation due date: 2022-05-03
- Known ransomware use: Unknown
Affected products

- apache:struts
- cisco:digital_media_manager
- cisco:hosted_collaboration_solution
- cisco:media_experience_engine
- cisco:network_performance_analysis
- cisco:video_distribution_suite_for_internet_streaming
- netapp:oncommand_balance

Weaknesses (CWE)

- CWE-502: Deserialization of Untrusted Data
References

- http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html (security@apache.org)
- http://www.securityfocus.com/bid/100609 (security@apache.org)
- http://www.securitytracker.com/id/1039263 (security@apache.org)
- https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax (security@apache.org)
- https://bugzilla.redhat.com/show_bug.cgi?id=1488482 (security@apache.org)
- https://cwiki.apache.org/confluence/display/WW/S2-052 (security@apache.org)
- https://lgtm.com/blog/apache_struts_CVE-2017-9805 (security@apache.org)
- https://security.netapp.com/advisory/ntap-20170907-0001/ (security@apache.org)
- https://struts.apache.org/docs/s2-052.html (security@apache.org)
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2 (security@apache.org)
- https://www.exploit-db.com/exploits/42627/ (security@apache.org)
- https://www.kb.cert.org/vuls/id/112992 (security@apache.org)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9805 (134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC correlations

No correlations recorded.
This product uses data from the NVD API but is not endorsed or certified by the NVD.