CVE-2017-5638
published 2017-03-11CVE-2017-5638: The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | struts | >= 2.2.3 < 2.3.32 | 2.3.32 |
| apache | struts | >= 2.5.0 < 2.5.10.1 | 2.5.10.1 |
| apache_software_foundation | apache_struts | — | — |
| apache_software_foundation | apache_struts | — | — |
| arubanetworks | clearpass_policy_manager | < 6.6.5 | 6.6.5 |
| cisco | products | — | — |
| hp | server_automation | — | — |
| hp | server_automation | — | — |
| hp | server_automation | — | — |
| hp | server_automation | — | — |
| hp | server_automation | — | — |
| ibm | storwize_v3500_firmware | — | — |
| ibm | storwize_v3500_firmware | — | — |
| ibm | storwize_v5000_firmware | — | — |
| ibm | storwize_v5000_firmware | — | — |
| ibm | storwize_v7000_firmware | — | — |
| ibm | storwize_v7000_firmware | — | — |
| lenovo | storage_v5030_firmware | — | — |
| lenovo | storage_v5030_firmware | — | — |
| oracle | weblogic_server | — | — |
| oracle | weblogic_server | — | — |
| oracle | weblogic_server | — | — |
| oracle | weblogic_server | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL
cisa9.8CRITICAL