Attack: Apache Struts CVE-2011-3923

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attack against Apache Struts that may allow arbitrary commands to be executed on the server.

Additional Information

Apache Struts is a framework for building web applications.

Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. Specifically, attackers can use OGNL expressions to bypass the protection mechanisms built into the 'ParameterInterceptor' class. Predefined context variables, which are identified with a '#', can be altered to permit command execution.
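
As an added example (not Symantec's signature logic and not code from the original page), the sketch below scans web access-log lines for request parameters whose decoded name or value references a '#'-prefixed OGNL context variable. The regular expression is an assumed heuristic, and the log lines, parameter names and `example_var` are constructed placeholders.

```python
import re
from urllib.parse import parse_qsl

# Assumed heuristic: '#' + identifier used as an expression operand, i.e.
# followed by '.', '[', '=' or '('. A bare "#ff0000" colour value does not match.
OGNL_CTX_REF = re.compile(r"#[A-Za-z_]\w*\s*[.\[=(]")
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def suspicious_params(log_line):
    """Return decoded (name, value) pairs that reference an OGNL context variable."""
    m = REQUEST.search(log_line)
    if not m or "?" not in m.group(1):
        return []
    # Split by hand: urlsplit() would treat a raw '#' as a fragment and hide it.
    query = m.group(1).split("?", 1)[1]
    hits = []
    # parse_qsl percent-decodes names and values, so %23 becomes '#'.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if OGNL_CTX_REF.search(name) or OGNL_CTX_REF.search(value):
            hits.append((name, value))
    return hits

def scan(lines):
    """Return (line_number, hits) for every log line with at least one hit."""
    results = []
    for number, line in enumerate(lines, 1):
        hits = suspicious_params(line)
        if hits:
            results.append((number, hits))
    return results

# Constructed sample access-log lines (documentation IP ranges, placeholder names).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Jan/2012:10:00:01 +0000] "GET /app/view.action?id=42&color=%23ff0000 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2012:10:00:05 +0000] "GET /app/view.action?name=%28%23example_var%3D1%29 HTTP/1.1" 200 498',
    '198.51.100.7 - - [10/Jan/2012:10:00:06 +0000] "POST /app/save.action?%28%23example_var.flag%29=x HTTP/1.1" 200 120',
    '198.51.100.7 - - [10/Jan/2012:10:00:07 +0000] "GET /app/list.action?q=(#example_var[0]) HTTP/1.1" 200 301',
]

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        print(f"line {number}: {hits}")
```

The check decodes each parameter once, so double-encoded input and parameters carried in a POST body (which access logs do not record) are outside what it sees.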

Affected

  • Apache Struts versions 2.0.0 through 2.3.1.1 are vulnerable.