Lucene search

CVE-2020-17530

🗓️ 11 Dec 2020 02:10:15Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 66 Media mentions👁 1258 Views

CVE-2020-17530: Apache Struts 2 Remote Code Executio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 79
Check Point Advisories	Apache Struts Remote Code Execution (CVE-2020-17530)	21 Dec 202000:00	–	checkpoint_advisories
CISA	Apache Releases Security Update for Apache Struts 2	8 Dec 202000:00	–	cisa
IBM Security Bulletins	Security Bulletin: IBM Sterling Order Management Apache Struts vulnerablity	11 May 202201:06	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2020-17530 may affect Apache struts2-core used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections	9 Jun 202208:03	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2020-17530 may affect Apache struts2-core used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections	9 Jun 202207:30	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Struts affects IBM Tivoli Application Dependency Discovery Manager (CVE-2020-17530)	13 Apr 202212:25	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2020-17530 may affect Apache struts2-core used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections	9 Jun 202208:01	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Struts framework affects IBM Spectrum Symphony	19 Mar 202109:21	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2020-17530 may affect Apache struts2-core used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections	9 Jun 202208:00	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2020-17530, CVE-2020-1971)	22 Jun 202118:02	–	ibm

Nvd

Vulners

Node

apache strutsRange2.0.0–2.5.30

Node

oracle business_intelligenceMatch12.2.1.3.0enterprise

oracle business_intelligenceMatch12.2.1.4.0enterprise

oracle communications_diameter_intelligence_hubMatch8.0.0

oracle communications_diameter_intelligence_hubMatch8.1.0

oracle communications_diameter_intelligence_hubMatch8.2.0

oracle communications_diameter_intelligence_hubMatch8.2.3

oracle communications_policy_managementMatch12.5.0

oracle communications_pricing_design_centerMatch12.0.0.3.0

oracle financial_services_data_integration_hubMatch8.0.3

oracle financial_services_data_integration_hubMatch8.0.6

oracle hospitality_opera_5Match5.6

oracle mysql_enterprise_monitorMatch8.0.23

[
  {
    "product": "Apache Struts",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "Struts 2.0.0 - Struts 2.5.25"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpujan2022.html
oracle	www.oracle.com/security-alerts/cpuoct2021.html
packetstormsecurity	www.packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
oracle	www.oracle.com/security-alerts/cpujan2021.html
cwiki	www.cwiki.apache.org/confluence/display/WW/S2-061
oracle	www.oracle.com//security-alerts/cpujul2021.html
openwall	www.openwall.com/lists/oss-security/2022/04/12/6
security	www.security.netapp.com/advisory/ntap-20210115-0005/
oracle	www.oracle.com/security-alerts/cpuApr2021.html
oracle	www.oracle.com/security-alerts/cpuapr2022.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

11 Dec 2020 02:15Current

9.6High risk

Vulners AI Score9.6

CVSS27.5

CVSS39.8

EPSS0.94395

cve-2020-17530 apache struts 2 remote code execution nvd vulnerability