SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4602: Overview of the F5 security vulnerability response policy
SOL4918: Overview of the F5 critical issue hotfix policy
SOL14933: Apache Struts vulnerability CVE-2013-2251
SOL15260: Apache Struts vulnerability CVE-2014-0094
SOL15261: Apache Struts vulnerability CVE-2014-0112
SOL15241: Applying user-defined attack signatures to block malicious attacks on certain Apache Struts vulnerabilities

References

support.f5.com/kb/en-us/solutions/public/14000/900/sol14933.html

support.f5.com/kb/en-us/solutions/public/15000/200/sol15241.html

support.f5.com/kb/en-us/solutions/public/15000/200/sol15260.html

support.f5.com/kb/en-us/solutions/public/15000/200/sol15261.html

support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html

support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html

support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html

support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html

f5 7

ibm 19

checkpoint_advisories 3

ubuntucve 5

openvas 9

prion 5

osv 5

github 5

nessus 15

veracode 1

jvn 2

cve 5

zdt 3

packetstorm 4

threatpost 1

securityvulns 13

vmware 2

seebug 2

d2 1

attackerkb 1

saint 4

dsquare 1

canvas 1

cisa_kev 1

nuclei 1

exploitdb 2

cisco 1

hackerone 1

cert 1

exploitpack 1

kitploit 2

huawei 2

redhat 1

rapid7blog 1

wallarmlab 1

oracle 4

SOL14933 - Apache Struts vulnerability CVE-2013-2251

2014-01-20 00:00:00

SOL15261 - Apache Struts vulnerability CVE-2014-0112

2014-05-15 00:00:00

SOL15260 - Apache Struts vulnerability CVE-2014-0094

2014-05-15 00:00:00

ibm

Security Bulletin: IBM Sterling Order Management, IBM Sterling Configure, Price, Quote and Sterling Web Channel are affected by Apache Struts 2 security vulnerabilities

2020-02-11 21:39:06

Security Bulletin: IBM Platform Symphony (CVE-2014-0094, CVE-2014-0112, CVE-2014-0113, CVE-2014-0116)

2018-06-18 01:25:07

Security Bulletin: The IBM FlashSystem V840 product model numbers AC0 and AC1 nodes are affected by vulnerabilities in Apache’s Struts library

2018-06-18 00:08:33

checkpoint_advisories

Apache Struts ParametersInterceptor ClassLoader Security Bypass (CVE-2014-0094; CVE-2014-0112; CVE-2014-0113; CVE-2014-0114)

2014-04-25 00:00:00

Apache Struts Remote Command Execution (CVE-2013-2251)

2013-07-25 00:00:00

Apache Struts Remote Command Execution - Ver2 (CVE-2013-2251)

2015-05-18 00:00:00

ubuntucve

CVE-2014-0113

2014-04-29 00:00:00

CVE-2014-0112

2014-04-29 00:00:00

CVE-2013-2251

2013-07-20 00:00:00

openvas

Apache Struts ClassLoader Manipulation Vulnerabilities (S2-021) - Linux

2019-08-28 00:00:00

Apache Archiva Multiple Remote Command Execution Vulnerabilities

2014-01-15 00:00:00

Apache Struts Security Update (S2-020) - Active Check

2014-05-14 00:00:00

prion

Design/Logic Flaw

2014-04-29 10:37:00

Design/Logic Flaw

2014-04-29 10:37:00

Code injection

2013-07-20 03:37:00

osv

ClassLoader manipulation in Apache Struts

2022-05-14 00:54:16

ClassLoader manipulation in Apache Struts

2022-05-14 00:54:15

Code injection in Apache Struts

2022-05-13 01:14:26

github

ClassLoader manipulation in Apache Struts

2022-05-14 00:54:16

ClassLoader manipulation in Apache Struts

2022-05-14 00:54:15

Code injection in Apache Struts

2022-05-13 01:14:26

nessus

Apache Struts 2.x < 2.3.20 Multiple ClassLoader Manipulation Vulnerabilities (S2-021)

2018-09-12 00:00:00

Apache Struts 2 ClassLoader Manipulation Incomplete Fix for Security Bypass

2014-04-29 00:00:00

MySQL Enterprise Monitor < 2.3.17 Multiple Vulnerabilities

2015-05-08 00:00:00

veracode

Class Loader Manipulation With CookieInterceptor

2014-06-06 18:13:23

jvn

JVN#19294237: Apache Struts vulnerable to ClassLoader manipulation

2014-04-25 00:00:00

JVN#33504150: Apache Struts vulnerable to remote command execution

2013-09-06 00:00:00

cve

CVE-2014-0112

2014-04-29 10:37:00

CVE-2014-0113

2014-04-29 10:37:00

CVE-2013-2251

2013-07-20 03:37:00

zdt

Apache Struts ClassLoader Manipulation Remote Code Execution Exploit

2014-05-03 00:00:00

Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution Exploit

2017-03-23 00:00:00

Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution

2013-07-26 00:00:00

packetstorm

Apache Struts ClassLoader Manipulation Remote Code Execution

2014-05-02 00:00:00

Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution

2013-07-25 00:00:00

Apache Struts 2 Remote Code Execution

2020-10-20 00:00:00

threatpost

VMware Patches Apache Struts Flaws in vCOPS

2014-06-25 13:59:49

securityvulns

Apache Struts multiple security vulnerabilities

2014-05-07 00:00:00

[ANN][SECURITY] ClassLoader manipulation issue confirmed for Struts 1 - CVE-2014-0114

2014-05-02 00:00:00

[ANN][SECURITY] Struts 1 - CVE-2014-0114 -Mitigation Advice Available, Possible RCE Impact

2014-05-02 00:00:00

vmware

VMware product updates address security vulnerabilities in Apache Struts library

2014-06-24 00:00:00

VMware product updates address security vulnerabilities in Apache Struts library

2014-06-24 00:00:00

seebug

Apache Struts2 多个前缀参数远程命令执行漏洞(CVE-2013-2251)

2013-07-17 00:00:00

Apache Struts ClassLoader操作漏洞

2014-03-10 00:00:00

DSquare Exploit Pack: D2SEC_STRUTS4

2013-07-20 03:37:00

attackerkb

CVE-2013-2251

2013-07-20 00:00:00

saint

Apache Struts DefaultActionMapper redirect Prefix Vulnerability

2013-08-01 00:00:00

Apache Struts DefaultActionMapper redirect Prefix Vulnerability

2013-08-01 00:00:00

Apache Struts DefaultActionMapper redirect Prefix Vulnerability

2013-08-01 00:00:00

dsquare

Apache-Struts DefaultActionMapper < 2.3.15.1 RCE Linux

2013-10-20 00:00:00

canvas

Immunity Canvas: STRUTS2_DEFAULT_ACTION_MAPPER

2013-07-20 03:37:00

cisa_kev

Apache Struts Improper Input Validation Vulnerability

2022-03-25 00:00:00

nuclei

Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution

2020-10-13 22:06:01

exploitdb

Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution

2020-10-20 00:00:00

Apache Struts2 2.0.0 < 2.3.15 - Prefixed Parameters OGNL Injection

2014-01-14 00:00:00

cisco

Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products

2013-10-23 16:00:00

hackerone

U.S. Dept Of Defense: Remote code execution vulnerability on a DoD website

2016-12-19 23:00:16

cert

Apache Struts2 ClassLoader allows access to class properties via request parameters

2014-04-25 00:00:00

exploitpack

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection

2014-01-14 00:00:00

kitploit

Apache Struts v3 - Tool To Exploit 3 RCE Vulnerabilities On ApacheStruts

2018-08-26 21:14:00

Vulmap - Web Vulnerability Scanning And Verification Tools

2020-12-25 11:30:00

huawei

Security Advisory-Apache Struts2 vulnerability on Huawei multiple products

2014-07-07 00:00:00

Security Advisory-Multiple Apache Struts2 Vulnerabilities in Huawei Products

2013-07-30 00:00:00

redhat

(RHSA-2019:0910) Important: Red Hat Fuse 7.3 security update

2019-04-30 15:17:04

rapid7blog

Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)

2022-03-30 22:33:54

wallarmlab

New Struts2 Remote Code Execution exploit caught in the wild

2017-03-09 00:15:54

oracle

Oracle Critical Patch Update - April 2015

2015-04-14 00:00:00

Oracle Critical Patch Update - October 2013

2013-10-15 00:00:00

Oracle Critical Patch Update - January 2014

2014-01-14 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Related for SOL15262