CVE-2013-2134 in Apache Struts信息

摘要 (英语)

Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.

预定

2013-02-19

披露

2013-07-16

条目

VulDB provides additional information and datapoints for this CVE:

标识符	漏洞	CWE	可利用	对策	CVE
9022	Apache Struts OGNL Expression 权限提升	94	概念验证	官方修复	CVE-2013-2134

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

◂ 上一步一览下一步 ▸

Want to know what is going to be exploited?

We predict KEV entries!