CVE-2016-6795

CVSS v3.0 9.8 (Critical)
CVSS v2.0 7.5 (High)
EPSS 2.02% (89th percentile)

In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL that will be used for path traversal and execution of arbitrary code on the server side.

Weaknesses: CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE Status: PUBLISHED
CNA: Apache Software Foundation
Published Date: 2017-09-20 17:29:00
Updated Date: 2019-08-12 21:15:13

Affected Products


Configuration #1

  Product                 CPE23                             From  Up To
  Apache Struts 2.3.20    cpe:2.3:a:apache:struts:2.3.20
  Apache Struts 2.3.20.1  cpe:2.3:a:apache:struts:2.3.20.1
  Apache Struts 2.3.20.2  cpe:2.3:a:apache:struts:2.3.20.2
  Apache Struts 2.3.20.3  cpe:2.3:a:apache:struts:2.3.20.3
  Apache Struts 2.3.21    cpe:2.3:a:apache:struts:2.3.21
  Apache Struts 2.3.22    cpe:2.3:a:apache:struts:2.3.22
  Apache Struts 2.3.23    cpe:2.3:a:apache:struts:2.3.23
  Apache Struts 2.3.24    cpe:2.3:a:apache:struts:2.3.24
  Apache Struts 2.3.24.1  cpe:2.3:a:apache:struts:2.3.24.1
  Apache Struts 2.3.24.2  cpe:2.3:a:apache:struts:2.3.24.2
  Apache Struts 2.3.24.3  cpe:2.3:a:apache:struts:2.3.24.3
  Apache Struts 2.3.25    cpe:2.3:a:apache:struts:2.3.25
  Apache Struts 2.3.26    cpe:2.3:a:apache:struts:2.3.26
  Apache Struts 2.3.27    cpe:2.3:a:apache:struts:2.3.27
  Apache Struts 2.3.28    cpe:2.3:a:apache:struts:2.3.28
  Apache Struts 2.3.28.1  cpe:2.3:a:apache:struts:2.3.28.1
  Apache Struts 2.3.29    cpe:2.3:a:apache:struts:2.3.29
  Apache Struts 2.3.30    cpe:2.3:a:apache:struts:2.3.30