CVE-2011-3923 in Strutsinfo

Summary

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

10/01/2011

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
144780Apache Struts ParameterInterceptor permission assignment732HighOfficial fixCVE-2011-3923
4571Apache Struts privileges management269HighOfficial fixCVE-2011-3923

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext