{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40360?format=json","vulnerability_id":"VCID-vztu-pap6-37ev","summary":"Apache Struts vulnerable to remote arbitrary command execution due to improper input validation\nApache Struts versions prior to 2.3.32 and 2.5.10.1 contain incorrect exception handling and error-message generation during file-upload attempts using the Jakarta Multipart parser, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.","aliases":[{"alias":"CVE-2017-5638"},{"alias":"GHSA-j77q-2qqg-6989"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53728?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.3.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mmth-7rgf-aqfa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.32"},{"url":"http://public2.vulnerablecode.io/api/packages/53729?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.5.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-21k4-5a8r-7bd9"},{"vulnerability":"VCID-hrky-nmnv-g3eu"},{"vulnerability":"VCID-mmth-7rgf-aqfa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.5.10.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56818?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cv6j-98vx-n3ed"},{"vulnerability":"VCID-vztu-pap6-37ev"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/56819?format=json","purl":"pkg:maven/org.apache.struts/struts2-core@2.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8cmt-z8g9-duf2"},{"vulnerability":"VCID-cv6j-98vx-n3ed"},{"vulnerability":"VCID-vztu-pap6-37ev"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.struts/struts2-core@2.5.0"}],"references":[{"reference_url":"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites","reference_id":"","reference_type":"","scores":[],"url":"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites"},{"reference_url":"https://cwiki.apache.org/confluence/display/WW/S2-045","reference_id":"","reference_type":"","scores":[],"url":"https://cwiki.apache.org/confluence/display/WW/S2-045"},{"reference_url":"https://cwiki.apache.org/confluence/display/WW/S2-046","reference_id":"","reference_type":"","scores":[],"url":"https://cwiki.apache.org/confluence/display/WW/S2-046"},{"reference_url":"https://exploit-db.com/exploits/41570","reference_id":"","reference_type":"","scores":[],"url":"https://exploit-db.com/exploits/41570"},{"reference_url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a","reference_id":"","reference_type":"","scores":[],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"},{"reference_url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228","reference_id":"","reference_type":"","scores":[],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"},{"reference_url":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a","reference_id":"","reference_type":"","scores":[],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"},{"reference_url":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228","reference_id":"","reference_type":"","scores":[],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"},{"reference_url":"https://github.com/apache/struts","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/struts"},{"reference_url":"https://github.com/apache/struts/commit/352306493971e7d5a756d61780d57a76eb1f519a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/struts/commit/352306493971e7d5a756d61780d57a76eb1f519a"},{"reference_url":"https://github.com/apache/struts/commit/b06dd50af2a3319dd896bf5c2f4972d2b772cf2b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/struts/commit/b06dd50af2a3319dd896bf5c2f4972d2b772cf2b"},{"reference_url":"https://github.com/mazen160/struts-pwn","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mazen160/struts-pwn"},{"reference_url":"https://github.com/rapid7/metasploit-framework/issues/8064","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/rapid7/metasploit-framework/issues/8064"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us"},{"reference_url":"https://isc.sans.edu/diary/22169","reference_id":"","reference_type":"","scores":[],"url":"https://isc.sans.edu/diary/22169"},{"reference_url":"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"},{"reference_url":"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html","reference_id":"","reference_type":"","scores":[],"url":"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"},{"reference_url":"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt","reference_id":"","reference_type":"","scores":[],"url":"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"},{"reference_url":"https://security.netapp.com/advisory/ntap-20170310-0001","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20170310-0001"},{"reference_url":"https://struts.apache.org/docs/s2-045.html","reference_id":"","reference_type":"","scores":[],"url":"https://struts.apache.org/docs/s2-045.html"},{"reference_url":"https://struts.apache.org/docs/s2-046.html","reference_id":"","reference_type":"","scores":[],"url":"https://struts.apache.org/docs/s2-046.html"},{"reference_url":"https://support.lenovo.com/us/en/product_security/len-14200","reference_id":"","reference_type":"","scores":[],"url":"https://support.lenovo.com/us/en/product_security/len-14200"},{"reference_url":"https://twitter.com/theog150/status/841146956135124993","reference_id":"","reference_type":"","scores":[],"url":"https://twitter.com/theog150/status/841146956135124993"},{"reference_url":"https://web.archive.org/web/20170311203630/http://www.securityfocus.com/bid/96729","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20170311203630/http://www.securityfocus.com/bid/96729"},{"reference_url":"https://web.archive.org/web/20170921030226/http://www.securitytracker.com/id/1037973","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20170921030226/http://www.securitytracker.com/id/1037973"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638","reference_id":"","reference_type":"","scores":[],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638"},{"reference_url":"https://www.exploit-db.com/exploits/41614","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/41614"},{"reference_url":"https://www.kb.cert.org/vuls/id/834067","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/834067"},{"reference_url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA145","reference_id":"","reference_type":"","scores":[],"url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA145"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5638","reference_id":"CVE-2017-5638","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5638"},{"reference_url":"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2","reference_id":"CVE-2017-5638-NEW-REMOTE-CODE-EXECUTION-RCE-VULNERABILITY-IN-APACHE-STRUTS-2","reference_type":"","scores":[],"url":"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2"},{"reference_url":"https://github.com/advisories/GHSA-j77q-2qqg-6989","reference_id":"GHSA-j77q-2qqg-6989","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j77q-2qqg-6989"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."},{"cwe_id":755,"name":"Improper Handling of Exceptional Conditions","description":"The product does not handle or incorrectly handles an exceptional condition."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vztu-pap6-37ev"}