HTTP: Apache Struts 2 ParametersInterceptor OGNL Command Execution
This signature detects attempts to exploit a known vulnerability in Apache Struts 2. A successful attack will result in the execution of command in the security context of the affected web application server.
Extended Description
Apache Struts is prone to a security-bypass vulnerability because it fails to adequately handle user-supplied input. Attackers can exploit this issue to manipulate server-side context objects with the privileges of the user running the application. Successful exploits can compromise the application and possibly the underlying computer. This issue is related to the vulnerability documented in BID 32101(XWork 'ParameterInterceptor' Class OGNL Security Bypass Vulnerability). Apache Struts versions 2.0.0 through 2.3.1.1 are vulnerable.
Affected Products
Apache_software_foundation struts
Short Name
HTTP:APACHE:STRUTS2-OGNL-CE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
2 Apache CVE-2011-3923 Command Execution OGNL ParametersInterceptor Struts bid:51628
Release Date
03/29/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Apache_software_foundation
CVSS Score
7.5