CVE-2020-17530
published 2022-04-12CVE-2020-17530: The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | struts | >= 2.0.0 < 2.5.30 | 2.5.30 |
| apache | struts | 2.0.0 – 2.5.29 | — |
| apache_software_foundation | apache_struts | — | — |
| oracle | business_intelligence | — | — |
| oracle | business_intelligence | — | — |
| oracle | communications_diameter_intelligence_hub | — | — |
| oracle | communications_diameter_intelligence_hub | — | — |
| oracle | communications_diameter_intelligence_hub | — | — |
| oracle | communications_diameter_intelligence_hub | — | — |
| oracle | communications_policy_management | — | — |
| oracle | communications_pricing_design_center | — | — |
| oracle | financial_services_data_integration_hub | — | — |
| oracle | financial_services_data_integration_hub | — | — |
| oracle | hospitality_opera_5 | — | — |
| oracle | mysql_enterprise_monitor | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ghsa9.8CRITICAL
osv9.8CRITICAL
vulncheck9.8CRITICAL
cisa9.8CRITICAL