apache Archives

A new Apache Struts remote code execution vulnerability dubbed CVE-2018-11776 was recently discovered by security researchers. The root cause of the flow was identified in the lack of input validation on the URL passed to the Struts framework affecting all versions of Struts 2.

The criticality of the CVE-2018-11776 resides in the depth of its operational level. As a matter of fact, it affects the Struts code running not only on a single functional area but across all libraries used by the web application framework. Following the discovery, the Apache Software Foundation released the patch and urged all users of Struts 2.3 and Struts 2.5 to upgrade to the latest versions. Shortly after the patch was released on August 22nd, a proof-of-concept was posted on Github with a Python script that eases exploitation.

Proficio Threat Intelligence Recommendations:

Users of Apache Struts are urged to update their Struts framework to its latest version. More technical details and guidelines can be found in the advisory released by the Apache Software Foundation, available at: here.

General Information – Click Here

In March of 2017, attackers began exploiting a bug in the Apache Struts Jakarta Multipart parser. The attack resulted in attackers being able to execute arbitrary commands on HTTP servers with specially crafted HTTP requests. This vulnerability has recently gained additional buzz because there has been a recently named campaign (Zealot) that uses this vulnerability to compromise a web server and gain a foothold on the network and then use EternalBlue and EternalSynergy exploits to move laterally.

Campaign using vulnerability to gain foothold via web servers – https://f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178=1

NVD Reference – https://nvd.nist.gov/vuln/detail/CVE-2017-5638#vulnDescriptionTitle

Proficio Threat Intelligence Recommendations:

Upgrade to Struts 2.3.32 or Struts 2.5.10.1 on any Apache system within the organization

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Tag Archive for: apache

VULNERABILITY – New critical vulnerability impacting Apache Struts

Vulnerability: Apache – CVE-2017-5638 – Apache Struts Jakarta Parser

Quick Links

Proficio

Tag Archive for: apache

Quick Links

Proficio

Follow us