Server side object manipulation in Apache Struts

説明

OGNL provides, among other features, extensive expression evaluation capabilities. This vulnerability allows a malicious user to bypass the '#'-usage protection built into the ParametersInterceptor, thus being able to manipulate server side context objects. This behavior was already addressed in S2-003, but it turned out that the resulting fix based on whitelisting acceptable parameter names closed the vulnerability only partially.

基本情報

タイプ
reviewed
深刻度
medium
GitHub 上のアドバイザリ
アドバイザリを開く ↗
リポジトリのアドバイザリ
ソースコード
ソースを見る ↗
公開(アドバイザリ)
2022-05-13 01:14:26 UTC
更新
2023-08-26 05:02:34 UTC
GitHub レビュー済み
2022-11-03 19:11:38 UTC
NVD で公開
2010-08-17

EPSS Score

Score Percentile
92.53% 99.73%

CVSS Scores

No CVSS scores in this advisory.

Identifiers

Affected packages (1)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
maven org.apache.struts:struts2-core < 2.2.1 2.2.1

References

cvelogic Threat Intelligence