ID

VAR-201703-0755


CVE

CVE-2017-5638


TITLE

Apache Struts 2 is vulnerable to remote code execution

Trust: 1.6

sources: CERT/CC: VU#834067 // CERT/CC: VU#834067

DESCRIPTION

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. Apache Struts2 Contains a vulnerability that allows the execution of arbitrary code. Apache Struts2 In Jakarta Multipart parser A vulnerability exists in the execution of arbitrary code that could allow the execution of arbitrary code. The attack code for this vulnerability has been released.By processing a request crafted by a remote third party, arbitrary code could be executed with the privileges of the application. Apache Struts 2.3.5 through 2.3.31 and 2.5 through 2.5.10 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03723en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03723en_us Version: 1 HPESBHF03723 rev.1 - HPE Aruba ClearPass Policy Manager, using Apache Struts, Remote Code Execution NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2017-03-29 Last Updated: 2017-03-29 Potential Security Impact: Remote: Code Execution Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified in HPE Aruba ClearPass Policy Manager. **Note:** The ClearPass Policy Manager administrative Web interface is affected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT impacted. - Aruba ClearPass Policy Manager All versions prior to 6.6.5 BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2017-5638 9.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L 9.7 (AV:N/AC:L/Au:N/C:C/I:C/A:P) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE Aruba has provided hotfixes for ClearPass 6.6.5, 6.6.4, and 6.5.7. Use one of the following methods to install the appropriate hotfix: Install the Hotfix Online Using the Software Updates Portal: 1. Open ClearPass Policy Manager and go to Administration - Agents and Software Updates - Software Updates. 2. In the Firmware and Patch Updates area, find the "ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638" or "ClearPass 6.6.4 Hotfix Patch for CVE-2017-5638" patch and click the Download button in its row. 3. Click Install. 4. When the installation is complete and the status is shown as "Needs Restart", proceed to restart ClearPass. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change. Installing the hotfix Offline Using the Patch File from support.arubanetworks.com: 1. Download the "ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638" or "ClearPass 6.6.4 Hotfix Patch for CVE-2017-5638" patch from the Support site. 2. Open the ClearPass Policy Manager Admin UI and go to Administration - Agents and Software Updates - Software Updates. 3. At the bottom of the Firmware and Patch Updates area, click Import Updates and browse to the downloaded patch file. The name and description once imported may differ from the name and remark on the support site as these were adjusted after posting. This is purely a cosmetic discrepancy. 4. Click Install. 5. When the installation is complete and the status is shown as Needs Restart, proceed to restart ClearPass. After reboot, the status for the patch will be shown as Installed. The ClearPass Policy Manager version number will not change. Workarounds - ----------- Restrict access to the Policy Manager Admin Web Interface. This can be accomplished by navigating to Administration - Server Manager - Server Configuration - Server-Name - Network - Restrict Access and only allowing non-public or network management networks. **Note:** Please contact HPE Technical Support if any assistance is needed acquiring the software updates. HISTORY Version:1 (rev.1) - 29 March 2017 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJY3BR/AAoJELXhAxt7SZaiMW8H/0+jWL4Evk+KeqP7aYk1msGp 9ih3F2680VrHVsUbSzul3+svnaWTJUgRe7fUTvsh/Q6bx/Eo86yo8iXGjmzETLtY cTuQrHLySo55Pwua9+89V4e13QkRvQ/UmQPYDMPEk9L7wwU9OF0oCpXHQBuWnw07 mKLZ12HaZqM8vJXgwgJFH77Mf3r5TkGFHsrZ0M+2vvxioJIEfmWV/x4eqtvIy6zS C6CX1M9x4xD442XcFfnH0BHA9RL6LOeYngTPYR7IIycvzpqd8kOWunjs38+IJpFR g49ho/NddeZfDKdJcIdfJ+0f3x2h7FPiVadXu1PzdCckhFHkHmrSlVcRbQZ+1R8= =8ljI -----END PGP SIGNATURE-----

Trust: 3.6

sources: NVD: CVE-2017-5638 // CERT/CC: VU#834067 // CERT/CC: VU#834067 // JVNDB: JVNDB-2017-001621 // BID: 96729 // VULMON: CVE-2017-5638 // PACKETSTORM: 142055 // PACKETSTORM: 141863

AFFECTED PRODUCTS

vendor:apache strutsmodel: - scope: - version: -

Trust: 1.6

vendor:ibmmodel:storwize v5000scope:eqversion:7.7.1.6

Trust: 1.0

vendor:hpmodel:server automationscope:eqversion:10.5.0

Trust: 1.0

vendor:lenovomodel:storage v5030scope:eqversion:7.8.1.0

Trust: 1.0

vendor:ibmmodel:storwize v7000scope:eqversion:7.8.1.0

Trust: 1.0

vendor:hpmodel:server automationscope:eqversion:10.2.0

Trust: 1.0

vendor:apachemodel:strutsscope:gteversion:2.2.3

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.1.3.0.0

Trust: 1.0

vendor:ibmmodel:storwize v3500scope:eqversion:7.8.1.0

Trust: 1.0

vendor:netappmodel:oncommand balancescope:eqversion: -

Trust: 1.0

vendor:arubanetworksmodel:clearpass policy managerscope:ltversion:6.6.5

Trust: 1.0

vendor:ibmmodel:storwize v5000scope:eqversion:7.8.1.0

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.2.1.1.0

Trust: 1.0

vendor:apachemodel:strutsscope:ltversion:2.3.32

Trust: 1.0

vendor:apachemodel:strutsscope:ltversion:2.5.10.1

Trust: 1.0

vendor:hpmodel:server automationscope:eqversion:9.1.0

Trust: 1.0

vendor:lenovomodel:storage v5030scope:eqversion:7.7.1.6

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.2.1.2.0

Trust: 1.0

vendor:ibmmodel:storwize v7000scope:eqversion:7.7.1.6

Trust: 1.0

vendor:hpmodel:server automationscope:eqversion:10.1.0

Trust: 1.0

vendor:hpmodel:server automationscope:eqversion:10.0.0

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:10.3.6.0.0

Trust: 1.0

vendor:ibmmodel:storwize v3500scope:eqversion:7.7.1.6

Trust: 1.0

vendor:apachemodel:strutsscope:gteversion:2.5.0

Trust: 1.0

vendor:apachemodel:strutsscope:eqversion:2.3.30

Trust: 0.9

vendor:apachemodel:strutsscope:eqversion:2.5.8

Trust: 0.9

vendor:apachemodel:strutsscope:eqversion:2.5.7

Trust: 0.9

vendor:apachemodel:strutsscope:eqversion:2.5.5

Trust: 0.9

vendor:apachemodel:strutsscope:eqversion:2.5.2

Trust: 0.9

vendor:apachemodel:strutsscope:eqversion:2.5.10

Trust: 0.9

vendor:apachemodel:strutsscope:lteversion:2.3.5 from 2.3.31

Trust: 0.8

vendor:apachemodel:strutsscope:lteversion:2.5 from 2.5.10

Trust: 0.8

vendor:necmodel:esmpro/servermanagerscope:eqversion:6.10 to 6.16

Trust: 0.8

vendor:necmodel:infoframe relational storescope:eqversion: -

Trust: 0.8

vendor:necmodel:istoragescope:eqversion:hs series 5.0.5

Trust: 0.8

vendor:necmodel:staroffice xscope:eqversion:enterprise v4.0

Trust: 0.8

vendor:necmodel:staroffice xscope:eqversion:enterprise v5.0

Trust: 0.8

vendor:necmodel:staroffice xscope:eqversion:enterprise v5.1

Trust: 0.8

vendor:necmodel:staroffice xscope:eqversion:standard v4.0

Trust: 0.8

vendor:necmodel:staroffice xscope:eqversion:standard v5.0

Trust: 0.8

vendor:necmodel:staroffice xscope:eqversion:standard v5.1

Trust: 0.8

vendor:necmodel:webotx developerscope:eqversion:"(with developers studio) v9.3"

Trust: 0.8

vendor:necmodel:webotx developerscope:eqversion:"(with developers studio) v9.4"

Trust: 0.8

vendor:hitachimodel:hirdbscope:eqversion:server version 9

Trust: 0.8

vendor:hitachimodel:hirdb control managerscope:eqversion:- server version 9

Trust: 0.8

vendor:apachemodel:strutsscope:eqversion:2.5.4

Trust: 0.6

vendor:apachemodel:strutsscope:eqversion:2.5.3

Trust: 0.6

vendor:apachemodel:strutsscope:eqversion:2.5.6

Trust: 0.6

vendor:apachemodel:strutsscope:eqversion:2.5.9

Trust: 0.6

vendor:vmwaremodel:vrealize operations managerscope:eqversion:6.0

Trust: 0.3

vendor:vmwaremodel:vrealize hypericscope:eqversion:5.0

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:6.5

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:6.0

Trust: 0.3

vendor:vmwaremodel:horizon desktop as-a-service platformscope:eqversion:7.0

Trust: 0.3

vendor:vmwaremodel:horizon desktop as-a-service platformscope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:webcenter sitesscope:eqversion:11.1.18.0

Trust: 0.3

vendor:oraclemodel:webcenter sitesscope:eqversion:12.2.1.2.0

Trust: 0.3

vendor:oraclemodel:webcenter sitesscope:eqversion:12.2.1.1.0

Trust: 0.3

vendor:oraclemodel:webcenter sitesscope:eqversion:12.2.1.0.0

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundationscope:eqversion:9.5

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundationscope:eqversion:9.4

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundationscope:eqversion:9.2.1

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundationscope:eqversion:9.2

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundationscope:eqversion:9.1

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundationscope:eqversion:9.3.0

Trust: 0.3

vendor:ibmmodel:connectionsscope:eqversion:5.5

Trust: 0.3

vendor:ibmmodel:connectionsscope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:connectionsscope:eqversion:4.5

Trust: 0.3

vendor:ibmmodel:connectionsscope:eqversion:4.0

Trust: 0.3

vendor:huaweimodel:smsgw v100r003c01scope: - version: -

Trust: 0.3

vendor:huaweimodel:smsgw v100r002c11scope: - version: -

Trust: 0.3

vendor:huaweimodel:smsgw v100r002c01scope: - version: -

Trust: 0.3

vendor:huaweimodel:secospace antiddos8030 v100r001c00scope: - version: -

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r007c91scope:eqversion:6000

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r007c90scope:eqversion:6000

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r007c80scope:eqversion:6000

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r008c20scope: - version: -

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r008c10scope: - version: -

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r008c00scope: - version: -

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r007c60spc100scope: - version: -

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r007c50scope: - version: -

Trust: 0.3

vendor:huaweimodel:imanager neteco v600r007c11scope: - version: -

Trust: 0.3

vendor:huaweimodel:espace ecs v300r001c00scope: - version: -

Trust: 0.3

vendor:huaweimodel:espace ecs v200r003c10scope: - version: -

Trust: 0.3

vendor:huaweimodel:espace ecs v200r003c00scope: - version: -

Trust: 0.3

vendor:huaweimodel:espace ecs v200r002c00scope: - version: -

Trust: 0.3

vendor:hpmodel:universal cmdb foundation software cup5scope:eqversion:10.22

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:9.16

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:9.15

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:9.14

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:9.13

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:9.12

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:9.10

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:9.1

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:10.50

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:10.20

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:10.10

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:10.02

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:10.01

Trust: 0.3

vendor:hpmodel:server automationscope:eqversion:10.00

Trust: 0.3

vendor:ciscomodel:virtualized voice browserscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unity connectionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified sip proxy softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified intelligence centerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified contact center expressscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified contact center enterprise live data serverscope:eqversion:-0

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications manager session management editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications manager im & presence servicescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion: -

Trust: 0.3

vendor:ciscomodel:socialminerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime service catalog appliance and virtual appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime license managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:packaged contact center enterprisescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:identity services enginescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:hosted collaboration solution for contact centerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:finessescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:emergency responderscope: - version: -

Trust: 0.3

vendor:atlassianmodel:hipchat serverscope:eqversion:2.0

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.11

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.10.1

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.9.5

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.9.4

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.9.3

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.9.2

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.9.1

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.9

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.8.8

Trust: 0.3

vendor:atlassianmodel:crowdscope:eqversion:2.8.3

Trust: 0.3

vendor:atlassianmodel:bambooscope:eqversion:5.15

Trust: 0.3

vendor:atlassianmodel:bambooscope:eqversion:5.12

Trust: 0.3

vendor:atlassianmodel:bambooscope:eqversion:5.11

Trust: 0.3

vendor:atlassianmodel:bambooscope:eqversion:5.10

Trust: 0.3

vendor:atlassianmodel:bambooscope:eqversion:5.1

Trust: 0.3

vendor:atlassianmodel:bambooscope:eqversion:5.12.3.1

Trust: 0.3

vendor:atlassianmodel:bambooscope:eqversion:5.11.4.1

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.31

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.28

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.24

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.5

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.5.1

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.5

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.8

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.7

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.29

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.20

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.16

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.15

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.14

Trust: 0.3

vendor:apachemodel:strutsscope:eqversion:2.3.12

Trust: 0.3

vendor:vmwaremodel:vcenter server 6.5bscope:neversion: -

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundation 9.5.0-sfp2scope:neversion: -

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundation 9.4.0-sfp3scope:neversion: -

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundation 9.3.0-sfp5scope:neversion: -

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundation sfp6scope:neversion:9.2.1-

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundation sfp6scope:neversion:9.2.0-

Trust: 0.3

vendor:ibmmodel:sterling selling and fulfillment foundation sfp6scope:neversion:9.1.0-

Trust: 0.3

vendor:ciscomodel:virtualized voice browser su1scope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:unity connectionscope:neversion:12.0

Trust: 0.3

vendor:ciscomodel:unity connectionscope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:unity connectionscope:neversion:11.0

Trust: 0.3

vendor:ciscomodel:unified sip proxy softwarescope:neversion:10.1

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:neversion:11.5(1)

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:neversion:11.0(2)

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:neversion:10.5(3)

Trust: 0.3

vendor:ciscomodel:unified intelligent contact management enterprisescope:neversion:10.0(2)

Trust: 0.3

vendor:ciscomodel:unified intelligence center es03scope:neversion:11.5(1)

Trust: 0.3

vendor:ciscomodel:unified contact center express su1scope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:unified contact center enterprise live data serverscope:neversion:-11.5(1)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprise live data serverscope:neversion:-11.0(2)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprise live data serverscope:neversion:-10.5(3)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprise live data serverscope:neversion:-10.0(2)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:neversion:11.5(1)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:neversion:11.0(2)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:neversion:10.5(3)

Trust: 0.3

vendor:ciscomodel:unified contact center enterprisescope:neversion:10.0(2)

Trust: 0.3

vendor:ciscomodel:socialminer su1scope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:prime license manager 11.5 su1ascope:neversion: -

Trust: 0.3

vendor:ciscomodel:mediasensescope:neversion:11.5

Trust: 0.3

vendor:ciscomodel:hosted collaboration solution for contact centerscope:neversion:11.5(1)

Trust: 0.3

vendor:ciscomodel:hosted collaboration solution for contact centerscope:neversion:11.0(2)

Trust: 0.3

vendor:ciscomodel:hosted collaboration solution for contact centerscope:neversion:10.5(3)

Trust: 0.3

vendor:ciscomodel:hosted collaboration solution for contact centerscope:neversion:10.0(2)

Trust: 0.3

vendor:ciscomodel:finesse es2scope:neversion:11.5

Trust: 0.3

vendor:atlassianmodel:hipchat serverscope:neversion:2.2.2

Trust: 0.3

vendor:atlassianmodel:crowdscope:neversion:2.11.1

Trust: 0.3

vendor:atlassianmodel:crowdscope:neversion:2.10.3

Trust: 0.3

vendor:atlassianmodel:crowdscope:neversion:2.9.7

Trust: 0.3

vendor:atlassianmodel:bambooscope:neversion:5.15.3

Trust: 0.3

vendor:atlassianmodel:bambooscope:neversion:5.14.5

Trust: 0.3

vendor:apachemodel:strutsscope:neversion:2.5.10.1

Trust: 0.3

vendor:apachemodel:strutsscope:neversion:2.3.32

Trust: 0.3

sources: CERT/CC: VU#834067 // CERT/CC: VU#834067 // BID: 96729 // JVNDB: JVNDB-2017-001621 // CNNVD: CNNVD-201703-152 // NVD: CVE-2017-5638

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2017-5638
value: HIGH

Trust: 1.6

nvd@nist.gov: CVE-2017-5638
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-5638
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201703-152
value: CRITICAL

Trust: 0.6

VULMON: CVE-2017-5638
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-5638
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

NVD: CVE-2017-5638
severity: HIGH
baseScore: 10.0
vectorString: NONE
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.6

nvd@nist.gov: CVE-2017-5638
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-5638
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CERT/CC: VU#834067 // CERT/CC: VU#834067 // VULMON: CVE-2017-5638 // JVNDB: JVNDB-2017-001621 // CNNVD: CNNVD-201703-152 // NVD: CVE-2017-5638

PROBLEMTYPE DATA

problemtype:CWE-755

Trust: 1.0

problemtype:CWE-20

Trust: 0.8

sources: JVNDB: JVNDB-2017-001621 // NVD: CVE-2017-5638

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-152

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 96729 // CNNVD: CNNVD-201703-152

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-001621

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#834067 // CERT/CC: VU#834067 // VULMON: CVE-2017-5638

PATCH

title:WW-3025url:https://issues.apache.org/jira/browse/WW-3025

Trust: 0.8

title:Alternate Librariesurl:https://cwiki.apache.org/confluence/display/WW/File+Upload#FileUpload-AlternateLibraries

Trust: 0.8

title:S2-045: Possible Remote Code Execution when performing file upload based on Jakarta Multipart parser.url:https://struts.apache.org/docs/s2-045.html

Trust: 0.8

title:Uses default error key if specified key doesn't exist (3523064)url:https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a

Trust: 0.8

title:Uses default error key if specified key doesn't exist (6b8272c)url:https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228

Trust: 0.8

title:Content-Type: Malicious - New Apache Struts2 0-day Under Attackurl:http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html

Trust: 0.8

title:hitachi-sec-2017-110url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-110/index.html

Trust: 0.8

title:NV17-013url:http://jpn.nec.com/security-info/secinfo/nv17-013.html

Trust: 0.8

title:hitachi-sec-2017-110url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-110/index.html

Trust: 0.8

title:Veritas NetBackup: 任意のコマンドが実行される脆弱性(CVE-2017-5638) (2017年9月1日)url:http://www.fujitsu.com/jp/products/software/resources/condition/security/products-fujitsu/solution/veritas201712.html

Trust: 0.8

title:Apache Struts 2 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67948

Trust: 0.6

title:Cisco: Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Productsurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20170310-struts2

Trust: 0.1

title:CVE-2017-5638url:https://github.com/readloud/CVE-2017-5638

Trust: 0.1

title:cve-2017-5638url:https://github.com/jrrdev/cve-2017-5638

Trust: 0.1

title:apache-struts-v2-CVE-2017-5638url:https://github.com/cafnet/apache-struts-v2-CVE-2017-5638

Trust: 0.1

title:struts-vulnerability-demourl:https://github.com/corpbob/struts-vulnerability-demo

Trust: 0.1

title:struts2_cve-2017-5638url:https://github.com/m3ssap0/struts2_cve-2017-5638

Trust: 0.1

title:struts-rce-cve-2017-5638url:https://github.com/riyazwalikar/struts-rce-cve-2017-5638

Trust: 0.1

title:equifax-data-breachurl:https://github.com/raul23/equifax-data-breach

Trust: 0.1

title:CVE-2017-5638url:https://github.com/colorblindpentester/CVE-2017-5638

Trust: 0.1

title:struts2-rceurl:https://github.com/sotudeko/struts2-rce

Trust: 0.1

title:vuln-struts2-vmurl:https://github.com/evolvesecurity/vuln-struts2-vm

Trust: 0.1

title:Apache-Struts-2-CVE-2017-5638-Exploiturl:https://github.com/dock0d1/Apache-Struts-2-CVE-2017-5638-Exploit

Trust: 0.1

title:struts2-rceurl:https://github.com/rjd3/struts2-rce

Trust: 0.1

title:Struts2-045-RCEurl:https://github.com/RayScri/Struts2-045-RCE

Trust: 0.1

sources: VULMON: CVE-2017-5638 // JVNDB: JVNDB-2017-001621 // CNNVD: CNNVD-201703-152

EXTERNAL IDS

db:NVDid:CVE-2017-5638

Trust: 4.6

db:CERT/CCid:VU#834067

Trust: 4.3

db:EXPLOIT-DBid:41570

Trust: 3.2

db:BIDid:96729

Trust: 1.9

db:EXPLOIT-DBid:41614

Trust: 1.6

db:SECTRACKid:1037973

Trust: 1.6

db:LENOVOid:LEN-14200

Trust: 1.6

db:PACKETSTORMid:141494

Trust: 1.6

db:JVNid:JVNVU93610402

Trust: 0.8

db:JVNDBid:JVNDB-2017-001621

Trust: 0.8

db:CNNVDid:CNNVD-201703-152

Trust: 0.6

db:VULMONid:CVE-2017-5638

Trust: 0.1

db:PACKETSTORMid:142055

Trust: 0.1

db:PACKETSTORMid:141863

Trust: 0.1

sources: CERT/CC: VU#834067 // CERT/CC: VU#834067 // VULMON: CVE-2017-5638 // BID: 96729 // JVNDB: JVNDB-2017-001621 // PACKETSTORM: 142055 // PACKETSTORM: 141863 // CNNVD: CNNVD-201703-152 // NVD: CVE-2017-5638

REFERENCES

url:https://cwiki.apache.org/confluence/display/ww/s2-045

Trust: 3.5

url:http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html

Trust: 3.2

url:https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/

Trust: 3.2

url:http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/

Trust: 3.2

url:https://www.kb.cert.org/vuls/id/834067

Trust: 2.7

url:https://github.com/rapid7/metasploit-framework/issues/8064

Trust: 1.9

url:https://github.com/rapid7/metasploit-framework/issues/8064

Trust: 1.6

url:https://www.exploit-db.com/exploits/41570/

Trust: 1.6

url:https://cwe.mitre.org/data/definitions/94.html

Trust: 1.6

url:http://www.arubanetworks.com/assets/alert/aruba-psa-2017-002.txt

Trust: 1.6

url:https://cwiki.apache.org/confluence/display/ww/s2-046

Trust: 1.6

url:http://www.securityfocus.com/bid/96729

Trust: 1.6

url:https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/

Trust: 1.6

url:https://www.symantec.com/security-center/network-protection-security-advisories/sa145

Trust: 1.6

url:https://exploit-db.com/exploits/41570

Trust: 1.6

url:https://packetstormsecurity.com/files/141494/s2-45-poc.py.txt

Trust: 1.6

url:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

Trust: 1.6

url:https://github.com/mazen160/struts-pwn

Trust: 1.6

url:https://support.lenovo.com/us/en/product_security/len-14200

Trust: 1.6

url:https://struts.apache.org/docs/s2-046.html

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbgn03733en_us

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbhf03723en_us

Trust: 1.6

url:https://security.netapp.com/advisory/ntap-20170310-0001/

Trust: 1.6

url:https://twitter.com/theog150/status/841146956135124993

Trust: 1.6

url:https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbgn03749en_us

Trust: 1.6

url:https://www.exploit-db.com/exploits/41614/

Trust: 1.6

url:https://struts.apache.org/docs/s2-045.html

Trust: 1.6

url:http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html

Trust: 1.6

url:http://www.securitytracker.com/id/1037973

Trust: 1.6

url:https://isc.sans.edu/diary/22169

Trust: 1.6

url:https://git1-us-west.apache.org/repos/asf?p=struts.git%3ba=commit%3bh=352306493971e7d5a756d61780d57a76eb1f519a

Trust: 1.0

url:https://git1-us-west.apache.org/repos/asf?p=struts.git%3ba=commit%3bh=6b8272ce47160036ed120a48345d9aa884477228

Trust: 1.0

url:https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3cannounce.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3cannounce.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3cannounce.apache.org%3e

Trust: 1.0

url:https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5638

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20170308-struts.html

Trust: 0.8

url:https://www.jpcert.or.jp/at/2017/at170009.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93610402/index.html

Trust: 0.8

url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5638

Trust: 0.8

url:https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228

Trust: 0.6

url:https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3cannounce.apache.org%3e

Trust: 0.6

url:https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3cannounce.apache.org%3e

Trust: 0.6

url:https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3cannounce.apache.org%3e

Trust: 0.6

url:http-vuln-cve2017-5638.html

Trust: 0.6

url:https://nmap.org/nsedoc/scripts/

Trust: 0.6

url:https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a

Trust: 0.6

url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170316-01-struts2-cn

Trust: 0.6

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbgn03733en_us

Trust: 0.4

url:http://www.apache.org/

Trust: 0.3

url:http://struts.apache.org/

Trust: 0.3

url:https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2017-03-10-876857850.html

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1430326

Trust: 0.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170310-struts2

Trust: 0.3

url:https://confluence.atlassian.com/crowd/crowd-security-advisory-2017-03-10-876857916.html

Trust: 0.3

url:https://confluence.atlassian.com/display/hc/hipchat+server+security+advisory+2017-03-09

Trust: 0.3

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbgn03749en_us

Trust: 0.3

url:http://www.huawei.com/en/psirt/security-notices/2017/huawei-sn-20170313-01-struts2-en

Trust: 0.3

url:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg22000444

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg22001736

Trust: 0.3

url:http://www.vmware.com/security/advisories/vmsa-2017-0004.html

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-5638

Trust: 0.2

url:http://www.hpe.com/support/security_bulletin_archive

Trust: 0.2

url:https://www.hpe.com/info/report-security-vulnerability

Trust: 0.2

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499

Trust: 0.2

url:http://www.hpe.com/support/subscriber_choice

Trust: 0.2

url:https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facets

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03723en_us

Trust: 0.1

sources: CERT/CC: VU#834067 // CERT/CC: VU#834067 // BID: 96729 // JVNDB: JVNDB-2017-001621 // PACKETSTORM: 142055 // PACKETSTORM: 141863 // CNNVD: CNNVD-201703-152 // NVD: CVE-2017-5638

CREDITS

Nike Zheng

Trust: 0.3

sources: BID: 96729

SOURCES

db:CERT/CCid:VU#834067
db:CERT/CCid:VU#834067
db:VULMONid:CVE-2017-5638
db:BIDid:96729
db:JVNDBid:JVNDB-2017-001621
db:PACKETSTORMid:142055
db:PACKETSTORMid:141863
db:CNNVDid:CNNVD-201703-152
db:NVDid:CVE-2017-5638

LAST UPDATE DATE

2024-09-09T23:09:09.520000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#834067date:2017-03-14T00:00:00
db:CERT/CCid:VU#834067date:2017-03-14T00:00:00
db:VULMONid:CVE-2017-5638date:2023-11-07T00:00:00
db:BIDid:96729date:2017-05-26T07:00:00
db:JVNDBid:JVNDB-2017-001621date:2017-10-03T00:00:00
db:CNNVDid:CNNVD-201703-152date:2021-02-25T00:00:00
db:NVDid:CVE-2017-5638date:2024-07-25T13:58:42.913

SOURCES RELEASE DATE

db:CERT/CCid:VU#834067date:2017-03-14T00:00:00
db:CERT/CCid:VU#834067date:2017-03-14T00:00:00
db:VULMONid:CVE-2017-5638date:2017-03-11T00:00:00
db:BIDid:96729date:2017-03-06T00:00:00
db:JVNDBid:JVNDB-2017-001621date:2017-03-10T00:00:00
db:PACKETSTORMid:142055date:2017-04-07T18:18:00
db:PACKETSTORMid:141863date:2017-03-30T16:04:25
db:CNNVDid:CNNVD-201703-152date:2017-03-07T00:00:00
db:NVDid:CVE-2017-5638date:2017-03-11T02:59:00.150