Vulnerability Details : CVE-2014-0112
Public exploit exists!
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.
Vulnerability category: Execute code
Products affected by CVE-2014-0112
- cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-0112
97.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-0112
-
Apache Struts ClassLoader Manipulation Remote Code Execution
Disclosure Date: 2014-03-06First seen: 2020-04-26exploit/multi/http/struts_code_exec_classloaderThis module exploits a remote command execution vulnerability in Apache Struts versions 1.x (<= 1.3.10) and 2.x (< 2.3.16.2). In Struts 1.x the problem is related with the ActionForm bean population mechanism while in case of Struts 2.x the vulnerability is due to th
CVSS scores for CVE-2014-0112
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2014-0112
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0112
-
http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
VMware Security Advisory 2014-0007 ≈ Packet StormThird Party Advisory;VDB Entry
-
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000045
JVNDB-2014-000045 - JVN iPedia - 脆弱性対策情報データベースThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/archive/1/531952/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
Oracle Critical Patch Update - April 2015Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0910
RHSA-2019:0910 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21676706
IBM Security Bulletin: IBM Sterling Order Management, IBM Sterling Configure, Price, Quote and Sterling Web Channel are affected by Apache Struts 2 security vulnerabilitiesThird Party Advisory
-
http://www.securityfocus.com/archive/1/532549/100/0/threaded
SecurityFocusThird Party Advisory;VDB Entry
-
http://www.vmware.com/security/advisories/VMSA-2014-0007.html
VMSA-2014-0007.2Third Party Advisory
-
http://jvn.jp/en/jp/JVN19294237/index.html
JVN#19294237: Apache Struts vulnerable to ClassLoader manipulationThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/59178
Sign inPermissions Required
-
http://www.securityfocus.com/bid/67064
Apache Struts ClassLoader Manipulation Incomplete Fix Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
https://cwiki.apache.org/confluence/display/WW/S2-021
S2-021 - DEPRECATED: Apache Struts 2 Documentation - Apache Software FoundationPatch;Vendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1091939
1091939 – (CVE-2014-0112) CVE-2014-0112 struts2: ClassLoader manipulation via request parametersIssue Tracking
Jump to