Rewterz Threat Alert – AZORult Malware – Active IOCs
June 1, 2022Rewterz Threat Advisory – CVE-2022-30973 – Apache Tika Vulnerability
June 1, 2022Severity
High
Analysis Summary
CVE-2020-17530 CVSS:8.1
Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by a forced double OGNL evaluation on raw user input in tag attributes. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2018-11776 CVSS:9.8
Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by an error when using results with no namespace and its upper action configurations have no wildcard namespace. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2017-9805 CVSS:9.8
Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data using the Struts REST plugin with XStream handler. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2020-17530
- CVE-2018-11776
- CVE-2017-9805
Affected Vendors
Apache
Affected Products
- Apache Struts 2.0.1
- Apache Struts 2.0.5
- Apache Struts 2.0.6
- Apache Struts 2.0.9
- Apache Struts 2.3.1
- Apache Struts 2.3.14.3
- Apache Struts 2.3.14
- Apache Struts 2.3.15
- Apache Struts 2.1.2
- Apache Struts 2.1.3
- Apache Struts 2.1.4
- Apache Struts 2.1.5
Remediation
Refer to Apache Struts Advisory for patch, upgrade or suggested workaround information.
CVE-2020-17530
CVE-2018-11776
CVE-2017-9805