Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-11776

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.

Published

2018-08-22T13:29:00.753

Last Modified

2025-03-13T21:01:25.353

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	struts	< 2.3.35	Yes
Application	apache	struts	< 2.5.17	Yes
Application	netapp	active_iq_unified_manager	≥ 7.3	Yes
Application	netapp	active_iq_unified_manager	≥ 9.5	Yes
Application	netapp	oncommand_insight	-	Yes
Application	netapp	oncommand_workflow_automation	-	Yes
Application	netapp	snapcenter	-	Yes
Application	oracle	communications_policy_management	< 12.5.0	Yes
Application	oracle	enterprise_manager_base_platform	13.3.0.0	Yes
Application	oracle	enterprise_manager_base_platform	13.4.0.0	Yes
Application	oracle	mysql_enterprise_monitor	≤ 3.4.9.4237	Yes
Application	oracle	mysql_enterprise_monitor	≤ 4.0.6.5281	Yes
Application	oracle	mysql_enterprise_monitor	≤ 8.0.2.8191	Yes

References

http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html Third Party Advisory, VDB Entry ([email protected])
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt Mailing List, Third Party Advisory, Broken Link ([email protected])
http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html Patch, Third Party Advisory ([email protected])
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch, Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/105125 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1041547 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1041888 Broken Link, Third Party Advisory, VDB Entry ([email protected])
https://cwiki.apache.org/confluence/display/WW/S2-057 Issue Tracking, Third Party Advisory ([email protected])
https://github.com/hook-s3c/CVE-2018-11776-Python-PoC Exploit, Third Party Advisory ([email protected])
https://lgtm.com/blog/apache_struts_CVE-2018-11776 Exploit, Third Party Advisory ([email protected])
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E Mailing List ([email protected])
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012 Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20180822-0001/ Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20181018-0002/ Third Party Advisory ([email protected])
https://www.exploit-db.com/exploits/45260/ Exploit, Third Party Advisory, VDB Entry ([email protected])
https://www.exploit-db.com/exploits/45262/ Exploit, Third Party Advisory, VDB Entry ([email protected])
https://www.exploit-db.com/exploits/45367/ Exploit, Third Party Advisory, VDB Entry ([email protected])
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory ([email protected])
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch, Third Party Advisory ([email protected])
http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt Mailing List, Third Party Advisory, Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/105125 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1041547 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1041888 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://cwiki.apache.org/confluence/display/WW/S2-057 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/hook-s3c/CVE-2018-11776-Python-PoC Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lgtm.com/blog/apache_struts_CVE-2018-11776 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E Mailing List (af854a3a-2127-422b-91ae-364da2661108)
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20180822-0001/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20181018-0002/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45260/ Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45262/ Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45367/ Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)