Apache Struts Remote Code Execution Vulnerability
Release Date:
11 Dec 2023
3349
Views
RISK: Medium Risk
TYPE: Servers - Web Servers
![TYPE: Web Servers](/f/bulletin_type/100012/37p37/servers-webservers.png)
A vulnerability has been identified in Apache Struts. A remote user can exploit this vulnerability to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- Struts 2.0.0 - Struts 2.3.37 (EOL)
- Struts 2.5.0 - Struts 2.5.32
- Struts 6.0.0 - Struts 6.3.0
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Struts 2.5.33, Struts 6.3.0.2 or greater
Vulnerability Identifier
Source
Related Link
Related Tags
Share with