Vulnerability Details : CVE-2014-0094
Public exploit exists!
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.
Exploit prediction scoring system (EPSS) score for CVE-2014-0094
Probability of exploitation activity in the next 30 days: 97.09%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2014-0094
-
Apache Struts ClassLoader Manipulation Remote Code Execution
Disclosure Date: 2014-03-06First seen: 2020-04-26exploit/multi/http/struts_code_exec_classloaderThis module exploits a remote command execution vulnerability in Apache Struts versions 1.x (<= 1.3.10) and 2.x (< 2.3.16.2). In Struts 1.x the problem is related with the ActionForm bean population mechanism while in case of Struts 2.x the vulnerability is due to th
CVSS scores for CVE-2014-0094
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2014-0094
-
http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
VMware Security Advisory 2014-0007 ≈ Packet StormThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/archive/1/531362/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000045
JVNDB-2014-000045 - JVN iPedia - 脆弱性対策情報データベースThird Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
Oracle Critical Patch Update - April 2015Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21676706
IBM Security Bulletin: IBM Sterling Order Management, IBM Sterling Configure, Price, Quote and Sterling Web Channel are affected by Apache Struts 2 security vulnerabilitiesThird Party Advisory
-
http://www.securityfocus.com/archive/1/532549/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://www.vmware.com/security/advisories/VMSA-2014-0007.html
VMSA-2014-0007.2Third Party Advisory
-
http://struts.apache.org/release/2.3.x/docs/s2-020.html
S2-020 - DEPRECATED: Apache Struts 2 Documentation - Apache Software FoundationVendor Advisory
-
http://jvn.jp/en/jp/JVN19294237/index.html
JVN#19294237: Apache Struts vulnerable to ClassLoader manipulationThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/59178
Sign inPermissions Required
-
http://www.securitytracker.com/id/1029876
Apache Struts Bugs Let Remote Users Deny Service and Manipulate the ClassLoader - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm
Security Advisory-Apache Struts2 vulnerability on Huawei multiple productsThird Party Advisory
-
http://www.securityfocus.com/bid/65999
Apache Struts ClassLoader Manipulation CVE-2014-0094 Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
http://www.konakart.com/downloads/ver-7-3-0-0-whats-new
Ver 7.3.0.0 – What’s New? - KonaKartThird Party Advisory
Products affected by CVE-2014-0094
- cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*