2016-10-03 17:59:01 2017-08-09 03:29:05

Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Apache Software Foundation Struts 2.3.16 Apache Software Foundation Struts 2.3.14 Apache Software Foundation Struts 2.3.12 Apache Software Foundation Struts 2.3.15 Apache Struts 2.5 (not an official CPE) Apache Software Foundation Struts 2.3.15.1 Apache Software Foundation Struts 2.3.15.2 Apache Software Foundation Struts 2.0.11.2 Apache Software Foundation Struts 2.3.4.1 Apache Software Foundation Struts 2.2.3.1 Apache Software Foundation Struts 2.2.1.1 Apache Software Foundation Struts 2.0.4 Apache Struts 2.3.24 (not an official CPE) Apache Software Foundation Struts 2.0.2 Apache Software Foundation Struts 2.0.5 Apache Software Foundation Struts 2.2.3 Apache Software Foundation Struts 2.0.8 Apache Software Foundation Struts 2.0.3 Apache Software Foundation Struts 2.2.1 Apache Software Foundation Struts 2.0.6 Apache Software Foundation Struts 2.3.1.1 Apache Software Foundation Struts 2.0.9 Apache Software Foundation Struts 2.0.7 Apache Software Foundation Struts 2.3.1.2 Apache Software Foundation Struts 2.0.0 Apache Software Foundation Struts 2.0.14 Apache Software Foundation Struts 2.0.1 Apache Software Foundation Struts 2.3.16.2 Apache Software Foundation Struts 2.1.8.1 Apache Software Foundation Struts 2.3.16.3 Apache Software Foundation Struts 2.3.7 Apache Software Foundation Struts 2.3.8 Apache Struts 2.3.28.1 (not an official CPE) Apache Software Foundation Struts 2.3.14.2 Apache Software Foundation Struts 2.3.14.3 Apache Software Foundation Struts 2.3.16.1 Apache Struts 2.5 Beta1 (not an official CPE) Apache Software Foundation Struts 2.3.1 Apache Software Foundation Struts 2.0.12 Apache Software Foundation Struts 2.3.3 Apache Software Foundation Struts 2.0.11 Apache Software Foundation Struts 2.1.8 Apache Software Foundation Struts 2.3.14.1 Apache Software Foundation Struts 2.0.11.1 Apache Struts 2.5 Beta3 (not an official CPE) Apache Struts 2.3.20.3 (not an official CPE) Apache Software Foundation Struts 2.3.20 Apache Struts 2.3.20.1 (not an official CPE) Apache Struts 2.5 Beta2 (not an official CPE) Apache Software Foundation Struts 2.3.15.3 Apache Struts 2.3.24.3 (not an official CPE) Apache Struts 2.3.24.1 (not an official CPE) Apache Struts 2.3.28 (not an official CPE) Apache Software Foundation Struts 2.3.4 Apache Software Foundation Struts 2.1.6