HTTP: Apache Struts2 REST Plugin XStreamHandler Insecure Deserialization
An insecure deserialization vulnerability has been discovered in Apache Struts 2 REST Plugin. A remote attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation will allow an attacker to execute arbitrary code with the privileges of the server.
Extended Description
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Affected Products
Cisco hosted_collaboration_solution
References
CVE: CVE-2017-9805
Short Name
HTTP:APACHE:APACHE-REST-DE-SRL2
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2017-9805 Deserialization Insecure Plugin REST Struts2 XStreamHandler
Release Date
09/12/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
False Positive
Unknown
Vendors
Apache
Netapp
Cisco
CVSS Score
6.8