Skip to main content

Apache Struts 2 Vulnerability

Last Update Date: 9 Dec 2020 15:33 Release Date: 9 Dec 2020 1309 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability has been identified in Apache Struts 2. A remote attacker can exploit this vulnerability to perform remote code execution and security restriction bypass on the targeted system.


Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Apache Struts 2 versions 2.0.0 to 2.5.25

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to versions 2.5.26 or greater

Vulnerability Identifier


Source


Related Link