Apache Struts "action:" Action Mapping Security Bypass Vulnerability

Last Update Date: 24 Sep 2013 10:42 Release Date: 24 Sep 2013 3932 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability has been reported in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions.


The vulnerability is caused due to an error related to the action mapping "action:" prefix and can be exploited to gain access to otherwise restricted functionality.

Impact

  • Security Restriction Bypass

System / Technologies affected

  • versions 2.0.0 through 2.3.15.1.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.3.15.2.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple TV Multiple Vulnerabilities

24 Sep 2013 3785 Views

Next

Oracle Solaris Multiple Vulnerabilities

26 Sep 2013 3756 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY