The Latest in IT Security

Cisco Patches Four-Year-Old Apache Struts 2 Issue

14
Jul
2014

A vulnerability in Apache Struts 2 that would allow a potential attacker to execute arbitrary code on an affected system has been patched by Cisco at the end of last week; the security issue was initially reported in July 2010.The problem occurred because of improper sanitization of the input in the XWorks component in Apache Struts 2. A malcrafted Object-Graph Navigation Language (OGNL) expression could be used by an attacker to compromise a vulnerable system.As noted in the original report o…

Related posts:
  1. Apache Struts 2.3.16.2 Released to Properly Fix Zero-Day Vulnerability
  2. VMware Implements Apache Struts Security Fixes in vCOps
  3. Apache Struts 2 exploit used to install ransomware on servers
  4. Chinese Underground Creates Tool Exploiting Apache Struts Vulnerability
  5. “Zealot” Apache Struts Attacks Abuses NSA Exploits

Tags:  
Written by Softpedia
0 Comments
Comments are closed.

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments