Vulnerability Details : CVE-2008-6504
ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \u0023 representation for the # character.
Vulnerability category: Input validation
Products affected by CVE-2008-6504
- cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:opensymphony:xwork:2.0.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-6504
5.67%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-6504
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2008-6504
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-6504
-
http://issues.apache.org/struts/browse/WW-2692
404 Not FoundExploit
-
http://www.vupen.com/english/advisories/2008/3004
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
http://www.vupen.com/english/advisories/2008/3003
Webmail: access your OVH emails on ovhcloud.com | OVHcloudVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/46328
XWork ParameterInterceptor security bypass CVE-2008-6504 Vulnerability Report
-
http://www.securityfocus.com/bid/32101
-
http://jira.opensymphony.com/browse/XW-641
Exploit
-
http://struts.apache.org/2.x/docs/s2-003.html
S2-003 - Apache Struts 2 Wiki - Apache Software FoundationExploit
-
http://fisheye6.atlassian.com/cru/CR-9/
Patch
Jump to