CVE-2019-0233

Severity

7.5HIGH

EPSS

7.8%

top 8.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 14

Latest updateMay 24

Description

An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

▶NVDapache/struts2.0.0 — 2.5.20

▶CVEListV5apache_strutsApache Struts 2.0.0 to 2.5.20

OSV

Improper Preservation of Permissions in Apache Struts↗2022-05-24

▶

GHSA

Improper Preservation of Permissions in Apache Struts↗2022-05-24

▶

CVEList

CVE-2019-0233: An access permission override in Apache Struts 2↗2020-09-14

▶

Red Hat

struts2: access permission override when performing a file upload leads to DoS↗2020-08-11

▶

Bugzilla

CVE-2019-0233 struts2: access permission override when performing a file upload leads to DoS↗2020-08-18

▶