Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0392

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0392
Last Modified 09 Jan 2012 03:03:45
Published 08 Jan 2012 10:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0392

Summary

The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.

Vulnerable Systems

Application

  • Apache Struts 2.0.0

  • Apache Struts 2.0.1

  • Apache Struts 2.0.10

  • Apache Struts 2.0.11

  • Apache Struts 2.0.11.1

  • Apache Struts 2.0.11.2

  • Apache Struts 2.0.12

  • Apache Struts 2.0.13

  • Apache Struts 2.0.14

  • Apache Struts 2.0.2

  • Apache Struts 2.0.3

  • Apache Struts 2.0.4

  • Apache Struts 2.0.5

  • Apache Struts 2.0.6

  • Apache Struts 2.0.7

  • Apache Struts 2.0.8

  • Apache Struts 2.0.9

  • Apache Struts 2.1.0

  • Apache Struts 2.1.1

  • Apache Struts 2.1.2

  • Apache Struts 2.1.3

  • Apache Struts 2.1.4

  • Apache Struts 2.1.5

  • Apache Struts 2.1.6

  • Apache Struts 2.1.8

  • Apache Struts 2.1.8.1

  • Apache Struts 2.2.1

  • Apache Struts 2.2.1.1

  • Apache Struts 2.2.3


References

MISC - https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt

MLIST - [dailydave] 20120106 Apache Struts

EXPLOIT-DB - 18329

CONFIRM - http://struts.apache.org/2.x/docs/version-notes-2311.html

CONFIRM - http://struts.apache.org/2.x/docs/s2-008.html

SECUNIA - 47393

BUGTRAQ - 20120105 SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2


Last Updated: 27 May 2016 10:58:01