info@cirt.gov.bd
+88-02-550071 83-86
Facebook Page LinkedIn Page Twitter Page

Multiple Vulnerabilities in Apache Struts Could Allow for Remote Code Execution

by
17 Aug 2020
in Security Advisories & Alerts
No Comments
1468

DESCRIPTION

Multiple Vulnerabilities have been discovered in Apache Struts, the most severe of which could allow for remote code execution. Apache Struts is an open source framework used for building Java web applications. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.

IMPACT

Multiple Vulnerabilities have been discovered in Apache Struts, the most severe of which could allow for remote code execution. Details of these vulnerabilities follows:

  • A vulnerability involving malicious OGNL expressions could allow for remote code execution (CVE-2019-0230)
  • A vulnerability that affects the write permissions of file directories could lead to a denial of service (CVE-2019-0233)

Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.

SYSTEM AFFECTED

Apache Struts versions 2.0.0 through 2.5.20

RECOMMENDATIONS

Following actions are recommended to be taken:

  • Upgrade to the most recent version of Apache Struts after appropriate testing.
  • Verify no unauthorized system modifications have occurred on the system before applying the patch.
  • Frequently validate type and content of uploaded data.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.

REFERENCES

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019:0230

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0233

https://struts.apache.org/announce.html

https://github.com/A2gel/CVE-2019-0230

https://www.cisecurity.org/advisory/a-vulnerability-in-zoho-manageengine-adselfservice-plus-could-allow-for-remote-code-execution_2020-116/

Share

Recommended Posts