virus logo Intrusion Prevention

Apache.Struts.2.OGNL.Script.Injection

description-logoDescription

This indicates a possible attack against a Command Execution vulnerability in Apache Struts 2.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may exploit this by sending a specially crafted HTTP request to a vulnerable system. A successful attack may allow an attacker to execute arbitrary OGNL expressions in the security context of the web application server.

affected-products-logoAffected Products

Apache Software Foundation Struts 2 prior to 2.2.3.1
Apache Software Foundation Struts 2.3 - Struts 2.3.34, Struts 2.5 - Struts 2.5.16

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patches or fixes, available from the website:
http://struts.apache.org/2.x/docs/s2-007.html
https://cwiki.apache.org/confluence/display/WW/S2-057
https://cwiki.apache.org/confluence/display/WW/S2-008

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2021-10-14 18.179
Modified
 Sig Added
2020-11-26 16.969
Modified
 Sig Added
2020-11-24 16.967
Modified
 Sig Added
2019-10-01 14.697
Modified
 Sig Added
2019-06-19 14.635
Modified
 Sig Added
2018-10-16 13.473
Modified
 Sig Added
ID 30956
Created Feb 10, 2012
Updated Oct 13, 2021
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 94.43%
Default Action drop
Active
Affected OS All
Affected App Apache
Profile Type Other