Apache Struts Vulnerabilidad

Cronología

El año pasado

Versión

2.3.320
2.3.420
2.5.119
2.5.219
2.5.319

Contramedidas

Official Fix77
Temporary Fix0
Workaround3
Unavailable2
Not Defined11

Explotabilidad

High26
Functional0
Proof-of-Concept17
Unproven4
Not Defined46

Vector de acceso

Not Defined0
Physical0
Local3
Adjacent0
Network90

Autenticación

Not Defined0
High0
Low14
None79

La interacción del usuario

Not Defined0
Required24
None69

C3BM Index

El año pasado

CVSSv3 Base

≤10
≤20
≤30
≤42
≤511
≤610
≤725
≤817
≤916
≤1012

CVSSv3 Temp

≤10
≤20
≤30
≤47
≤58
≤617
≤725
≤811
≤916
≤109

VulDB

≤10
≤20
≤30
≤44
≤513
≤615
≤719
≤817
≤913
≤1012

NVD

≤10
≤20
≤30
≤40
≤50
≤64
≤76
≤89
≤911
≤1011

CNA

≤10
≤20
≤30
≤40
≤52
≤60
≤70
≤80
≤90
≤100

Proveedor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Explotar día 0

<1k0
<2k0
<5k3
<10k27
<25k50
<50k13
<100k0
≥100k0

Explotar hoy

<1k81
<2k3
<5k4
<10k5
<25k0
<50k0
<100k0
≥100k0

Explotar el volumen del mercado

El año pasado

🔴 CTI Ocupaciones

Affected Versions (156): 1.0, 1.0.2, 1.1, 1.2, 1.2.2, 1.2.4, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.7, 1.3.8, 1.3.9, 1.4, 1.5, 1.6, 1.7, 2, 2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.11.1, 2.0.11.2, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.0.18, 2.0.19, 2.0.21, 2.0.22, 2.0.23, 2.0.24, 2.0.25, 2.0.26, 2.0.27, 2.0.28, 2.0.29, 2.0.31, 2.0.32, 2.0.33, 2.1, 2.1.1, 2.1.2, 2.1.2 Beta, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.8, 2.1.8.1, 2.2, 2.2.1, 2.2.1.1, 2.2.2, 2.2.3, 2.2.3.1, 2.3, 2.3.1, 2.3.1.1, 2.3.1.2, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.9, 2.3.11, 2.3.12, 2.3.13, 2.3.14, 2.3.14.1, 2.3.14.2, 2.3.15, 2.3.15.1, 2.3.15.3, 2.3.16, 2.3.16.1, 2.3.16.2, 2.3.16.3, 2.3.17, 2.3.18, 2.3.19, 2.3.21, 2.3.22, 2.3.23, 2.3.24, 2.3.24.1, 2.3.25, 2.3.26, 2.3.27, 2.3.28, 2.3.28.1, 2.3.29, 2.3.31, 2.3.32, 2.3.33, 2.3.34, 2.4, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 2.5.5, 2.5.6, 2.5.7, 2.5.8, 2.5.9, 2.5.11, 2.5.12, 2.5.13, 2.5.14, 2.5.15, 2.5.16, 2.5.17, 2.5.18, 2.5.19, 2.5.21, 2.5.22, 2.5.23, 2.5.24, 2.5.25, 2.5.26, 2.5.27, 2.5.28, 2.5.29, 2.5.31, 2.5.32, 6.0, 6.1, 6.1.1, 6.1.2, 6.1.2.1, 6.2, 6.3, 6.3.0.1

Link to Product Website: https://www.apache.org/

Tipo de software: Programming Tool Software

Fecha de publicaciónBaseTempVulnerabilidad0dayHoyExpConCTICVE
2023-12-078.07.9Apache Struts File Upload escalada de privilegios$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-50164
2023-09-155.35.1Apache Struts File Upload denegación de servicio$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2023-41835
2023-06-144.34.2Apache Struts denegación de servicio$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-34396
2023-06-144.34.2Apache Struts denegación de servicio$5k-$25k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-34149
2022-12-105.25.1Apache Struts cross site scripting$5k-$25k$0-$5kNot DefinedOfficial Fix0.06CVE-2015-2992
2022-04-136.36.0Apache Struts Incomplete Fix CVE-2020-17530 escalada de privilegios$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2021-31805
2020-12-116.36.3Apache Struts OGNL Evaluation Privilege Escalation$5k-$25k$5k-$25kProof-of-ConceptOfficial Fix0.04CVE-2020-17530
2020-09-146.46.4Apache Struts File Upload escalada de privilegios$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2019-0233
2020-09-148.58.5Apache Struts Double OGNL Evaluation Remote Code Execution$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2019-0230
2019-12-057.07.0Apache Struts XSLT File escalada de privilegios$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2012-1592

83 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 83 results.

más entradas por Apache

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!