CVE-2017-5638

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html Exploit Third Party Advisory
http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html Exploit Third Party Advisory
http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ Exploit Third Party Advisory
http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ Exploit Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt Third Party Advisory
http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html Press/Media Coverage Third Party Advisory
http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html Press/Media Coverage Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Patch Third Party Advisory
http://www.securityfocus.com/bid/96729 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/96729 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037973 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037973 Broken Link Third Party Advisory VDB Entry
https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ Exploit Press/Media Coverage
https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ Exploit Press/Media Coverage
https://cwiki.apache.org/confluence/display/WW/S2-045 Mitigation Vendor Advisory
https://cwiki.apache.org/confluence/display/WW/S2-045 Mitigation Vendor Advisory
https://cwiki.apache.org/confluence/display/WW/S2-046 Mitigation Vendor Advisory
https://cwiki.apache.org/confluence/display/WW/S2-046 Mitigation Vendor Advisory
https://exploit-db.com/exploits/41570 Exploit Third Party Advisory VDB Entry
https://exploit-db.com/exploits/41570 Exploit Third Party Advisory VDB Entry
https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a Broken Link
https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a Broken Link
https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 Broken Link
https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 Broken Link
https://github.com/mazen160/struts-pwn Exploit
https://github.com/mazen160/struts-pwn Exploit
https://github.com/rapid7/metasploit-framework/issues/8064 Exploit Issue Tracking
https://github.com/rapid7/metasploit-framework/issues/8064 Exploit Issue Tracking
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us Broken Link
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us Broken Link
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us Third Party Advisory
https://isc.sans.edu/diary/22169 Exploit Third Party Advisory
https://isc.sans.edu/diary/22169 Exploit Third Party Advisory
https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E Mailing List
https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E Mailing List
https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html Exploit Third Party Advisory
https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html Exploit Third Party Advisory
https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt Exploit Third Party Advisory VDB Entry
https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt Exploit Third Party Advisory VDB Entry
https://security.netapp.com/advisory/ntap-20170310-0001/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20170310-0001/ Third Party Advisory
https://struts.apache.org/docs/s2-045.html Mitigation Vendor Advisory
https://struts.apache.org/docs/s2-045.html Mitigation Vendor Advisory
https://struts.apache.org/docs/s2-046.html Mitigation Vendor Advisory
https://struts.apache.org/docs/s2-046.html Mitigation Vendor Advisory
https://support.lenovo.com/us/en/product_security/len-14200 Third Party Advisory
https://support.lenovo.com/us/en/product_security/len-14200 Third Party Advisory
https://twitter.com/theog150/status/841146956135124993 Broken Link Third Party Advisory
https://twitter.com/theog150/status/841146956135124993 Broken Link Third Party Advisory
https://www.exploit-db.com/exploits/41614/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/41614/ Exploit Third Party Advisory VDB Entry
https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ Third Party Advisory
https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ Third Party Advisory
https://www.kb.cert.org/vuls/id/834067 Third Party Advisory US Government Resource
https://www.kb.cert.org/vuls/id/834067 Third Party Advisory US Government Resource
https://www.symantec.com/security-center/network-protection-security-advisories/SA145 Broken Link
https://www.symantec.com/security-center/network-protection-security-advisories/SA145 Broken Link
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:ibm:storwize_v3500_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v3500_firmware:7.8.1.0:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:ibm:storwize_v5000_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v5000_firmware:7.8.1.0:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:ibm:storwize_v7000_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v7000_firmware:7.8.1.0:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:o:lenovo:storage_v5030_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:storage_v5030_firmware:7.8.1.0:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:storage_v5030:-:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:hp:server_automation:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:10.1.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:10.2.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:10.5.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:9.1.0:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.1.0:*:*:*:*:*:*:*

Configuration 8 (hide)

cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*

Configuration 9 (hide)

cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
History

23 Jan 2025, 15:28

Type Values Removed Values Added
References (EXPLOIT-DB) https://exploit-db.com/exploits/41570 - Exploit, Third Party Advisory, VDB Entry () https://exploit-db.com/exploits/41570 - Exploit, Third Party Advisory, VDB Entry
References (CERT-VN) https://www.kb.cert.org/vuls/id/834067 - Third Party Advisory, US Government Resource () https://www.kb.cert.org/vuls/id/834067 - Third Party Advisory, US Government Resource
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - Patch, Third Party Advisory () http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - Patch, Third Party Advisory
References (CONFIRM) https://support.lenovo.com/us/en/product_security/len-14200 - Third Party Advisory () https://support.lenovo.com/us/en/product_security/len-14200 - Third Party Advisory
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/41614/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/41614/ - Exploit, Third Party Advisory, VDB Entry
References (MISC) https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt - Exploit, Third Party Advisory, VDB Entry () https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt - Exploit, Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/96729 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/96729 - Broken Link, Third Party Advisory, VDB Entry
References (MISC) https://github.com/mazen160/struts-pwn - Exploit () https://github.com/mazen160/struts-pwn - Exploit
References (MISC) http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ - Exploit, Third Party Advisory () http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ - Exploit, Third Party Advisory
References (MISC) http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html - Exploit, Third Party Advisory () http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html - Exploit, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20170310-0001/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20170310-0001/ - Third Party Advisory
References (CONFIRM) https://cwiki.apache.org/confluence/display/WW/S2-045 - Mitigation, Vendor Advisory () https://cwiki.apache.org/confluence/display/WW/S2-045 - Mitigation, Vendor Advisory
References (SECTRACK) http://www.securitytracker.com/id/1037973 - Broken Link, Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1037973 - Broken Link, Third Party Advisory, VDB Entry
References (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us - Third Party Advisory () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us - Third Party Advisory
References (MISC) https://isc.sans.edu/diary/22169 - Exploit, Third Party Advisory () https://isc.sans.edu/diary/22169 - Exploit, Third Party Advisory
References (CONFIRM) https://struts.apache.org/docs/s2-046.html - Mitigation, Vendor Advisory () https://struts.apache.org/docs/s2-046.html - Mitigation, Vendor Advisory
References (MISC) https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html - Exploit, Third Party Advisory () https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html - Exploit, Third Party Advisory
References (MISC) https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ - Exploit, Press/Media Coverage () https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ - Exploit, Press/Media Coverage
References (MISC) https://twitter.com/theog150/status/841146956135124993 - Broken Link, Third Party Advisory () https://twitter.com/theog150/status/841146956135124993 - Broken Link, Third Party Advisory
References (MISC) https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ - Third Party Advisory () https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ - Third Party Advisory
References (CONFIRM) https://struts.apache.org/docs/s2-045.html - Mitigation, Vendor Advisory () https://struts.apache.org/docs/s2-045.html - Mitigation, Vendor Advisory
References (MISC) https://github.com/rapid7/metasploit-framework/issues/8064 - Exploit, Issue Tracking () https://github.com/rapid7/metasploit-framework/issues/8064 - Exploit, Issue Tracking
References (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us - Third Party Advisory () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us - Third Party Advisory
References (CONFIRM) https://cwiki.apache.org/confluence/display/WW/S2-046 - Mitigation, Vendor Advisory () https://cwiki.apache.org/confluence/display/WW/S2-046 - Mitigation, Vendor Advisory
References (CONFIRM) http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt - Third Party Advisory () http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt - Third Party Advisory
References (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us - Broken Link () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us - Broken Link
References (MISC) http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html - Press/Media Coverage, Third Party Advisory () http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html - Press/Media Coverage, Third Party Advisory
References (CONFIRM) https://www.symantec.com/security-center/network-protection-security-advisories/SA145 - Broken Link () https://www.symantec.com/security-center/network-protection-security-advisories/SA145 - Broken Link

25 Jul 2024, 13:58

Type Values Removed Values Added
CPE cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.20.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.24.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:*		 cpe:2.3:o:ibm:storwize_v5000_firmware:7.8.1.0:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:storage_v5030_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:h:lenovo:storage_v5030:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:10.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:10.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:9.1.0:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v5000_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v3500_firmware:7.8.1.0:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v7000_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v3500_firmware:7.7.1.6:*:*:*:*:*:*:*
cpe:2.3:o:lenovo:storage_v5030_firmware:7.8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:10.5.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:server_automation:10.0.0:*:*:*:*:*:*:*
cpe:2.3:o:ibm:storwize_v7000_firmware:7.8.1.0:*:*:*:*:*:*:*
References (MISC) https://twitter.com/theog150/status/841146956135124993 - Third Party Advisory (MISC) https://twitter.com/theog150/status/841146956135124993 - Broken Link, Third Party Advisory
References (EXPLOIT-DB) https://exploit-db.com/exploits/41570 - Exploit, VDB Entry (EXPLOIT-DB) https://exploit-db.com/exploits/41570 - Exploit, Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/96729 - Third Party Advisory, VDB Entry (BID) http://www.securityfocus.com/bid/96729 - Broken Link, Third Party Advisory, VDB Entry
References (CONFIRM) https://support.lenovo.com/us/en/product_security/len-14200 - (CONFIRM) https://support.lenovo.com/us/en/product_security/len-14200 - Third Party Advisory
References (CONFIRM) https://struts.apache.org/docs/s2-045.html - (CONFIRM) https://struts.apache.org/docs/s2-045.html - Mitigation, Vendor Advisory
References (CONFIRM) https://www.symantec.com/security-center/network-protection-security-advisories/SA145 - (CONFIRM) https://www.symantec.com/security-center/network-protection-security-advisories/SA145 - Broken Link
References (MISC) http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ - Technical Description, Third Party Advisory (MISC) http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/ - Exploit, Third Party Advisory
References () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a - () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a - Broken Link
References (MISC) http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html - Technical Description, Third Party Advisory (MISC) http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html - Exploit, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20170310-0001/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20170310-0001/ - Third Party Advisory
References () https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E - () https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E - Mailing List
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/41614/ - (EXPLOIT-DB) https://www.exploit-db.com/exploits/41614/ - Exploit, Third Party Advisory, VDB Entry
References () https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E - () https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E - Mailing List
References () https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E - () https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E - Mailing List
References (MISC) http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html - Press/Media Coverage (MISC) http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html - Press/Media Coverage, Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - Patch, Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/id/1037973 - (SECTRACK) http://www.securitytracker.com/id/1037973 - Broken Link, Third Party Advisory, VDB Entry
References (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us - (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us - Broken Link
References (MISC) https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html - Third Party Advisory (MISC) https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html - Exploit, Third Party Advisory
References (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us - (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us - Third Party Advisory
References (CERT-VN) https://www.kb.cert.org/vuls/id/834067 - (CERT-VN) https://www.kb.cert.org/vuls/id/834067 - Third Party Advisory, US Government Resource
References (MISC) https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ - (MISC) https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/ - Third Party Advisory
References () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 - () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 - Broken Link
References (CONFIRM) http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt - (CONFIRM) http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt - Third Party Advisory
References (CONFIRM) https://struts.apache.org/docs/s2-046.html - (CONFIRM) https://struts.apache.org/docs/s2-046.html - Mitigation, Vendor Advisory
References (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us - (CONFIRM) https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us - Third Party Advisory
References (MISC) https://isc.sans.edu/diary/22169 - Technical Description, Third Party Advisory (MISC) https://isc.sans.edu/diary/22169 - Exploit, Third Party Advisory
References (CONFIRM) https://cwiki.apache.org/confluence/display/WW/S2-046 - (CONFIRM) https://cwiki.apache.org/confluence/display/WW/S2-046 - Mitigation, Vendor Advisory
References (MISC) https://github.com/rapid7/metasploit-framework/issues/8064 - Exploit (MISC) https://github.com/rapid7/metasploit-framework/issues/8064 - Exploit, Issue Tracking
References (MISC) https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ - Press/Media Coverage (MISC) https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/ - Exploit, Press/Media Coverage
References (MISC) https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt - Exploit, VDB Entry (MISC) https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt - Exploit, Third Party Advisory, VDB Entry
CVSS v2 : 10.0
v3 : 10.0 		v2 : 10.0
v3 : 9.8
CWE CWE-20 CWE-755
First Time Ibm storwize V7000 Firmware
Lenovo storage V5030
Ibm storwize V5000 Firmware
Lenovo
Hp
Netapp
Ibm
Ibm storwize V7000
Ibm storwize V5000
Oracle weblogic Server
Arubanetworks clearpass Policy Manager
Ibm storwize V3500
Oracle
Lenovo storage V5030 Firmware
Ibm storwize V3500 Firmware
Arubanetworks
Hp server Automation
Netapp oncommand Balance

07 Nov 2023, 02:49

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E', 'name': '[announce] 20210223 Re: Apache Software Foundation Security Report: 2020', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228', 'name': 'https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • {'url': 'https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E', 'name': '[announce] 20200131 Apache Software Foundation Security Report: 2019', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E', 'name': '[announce] 20210125 Apache Software Foundation Security Report: 2020', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a', 'name': 'https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a', 'tags': ['Patch'], 'refsource': 'CONFIRM'}
  • () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 -
  • () https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E -
  • () https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a -
  • () https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E -
  • () https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E -
Information

Published : 2017-03-11 02:59

Updated : 2025-03-21 21:08

NVD link : CVE-2017-5638

Mitre link : CVE-2017-5638

JSON object : View

Products Affected

lenovo

  • storage_v5030_firmware
  • storage_v5030

oracle

  • weblogic_server

ibm

  • storwize_v5000_firmware
  • storwize_v7000_firmware
  • storwize_v5000
  • storwize_v7000
  • storwize_v3500_firmware
  • storwize_v3500

hp

  • server_automation

apache

  • struts

arubanetworks

  • clearpass_policy_manager

netapp

  • oncommand_balance
CWE
CWE-755

Improper Handling of Exceptional Conditions