JSON View XML View

Key Value
MTID M118215
Title Apache Struts Jakarta Multipart Parser Remote Code Execution
Description A vulnerability in some versions of Apache Struts could lead to remote code execution.
Observation A vulnerability in some versions of Apache Struts could lead to remote code execution.

The flaw lies in the handling of a malicious Content-Type value. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Recommendation The vendor has released an update to address the issue:

https://cwiki.apache.org/confluence/display/WW/S2-045
Vendor Apache
Attack Vector Malicious remote network traffic
Importance 9
Impact 10.00084536000
Threat Score 9.33
Labels
References
CVECVE-2017-5638
MTIDM118215
CPEs
cpe:/a:apache:struts:2.5.10
Created At 2017-03-06 00:00:00 UTC
Updated At 2017-03-10 16:08:46 UTC

Back