Lucene search
Huawei TechnologiesHUAWEI-SA-20140707-01-STRUTS2HistoryJul 07, 2014 - 12:00 a.m.
Security Advisory-Apache Struts2 vulnerability on Huawei multiple products
2014-07-0700:00:00
Huawei Technologies
www.huawei.com
57
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.8%
Some versions of Apache Struts2 software used in Huawei devices have security vulnerabilities. A patch released for the software to fix vulnerabilities CVE-2014-0050 and CVE-2014-0094 has the risk of being bypassed. (Vulnerability ID: HWPSIRT-2014-0420)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-0116.
Related
openvas
openvas
Apache Struts 2.x < 2.3.16.1 Multiple Vulnerabilities (S2-020) - Linux
2019-08-28 00:00:00
Apache Struts Security Update (S2-020) - Version Check
2019-08-28 00:00:00
Mageia: Security Advisory (MGASA-2014-0109)
2022-01-28 00:00:00
nessus
nessus
Apache Struts 2.0.0 < 2.3.16.1 Multiple Vulnerabilities (credentialed check) (Deprecated)
2015-01-30 00:00:00
MySQL Enterprise Monitor < 2.3.17 Multiple Vulnerabilities
2015-05-08 00:00:00
MySQL Enterprise Monitor 3.0.x < 3.0.11 Multiple Vulnerabilities
2015-05-08 00:00:00
threatpost
threatpost
VMware Patches Apache Struts Flaws in vCOPS
2014-06-25 13:59:49
ibm
ibm
Security Bulletin: The IBM FlashSystem V840 product model numbers AC0 and AC1 nodes are affected by vulnerabilities in Apache’s Struts library
2018-06-18 00:08:33
vmware
vmware
VMware vSphere product updates to third party libraries
2014-09-09 00:00:00
cert
cert
osv
osv
ClassLoader manipulation in Apache Struts
2022-05-14 00:54:15
Commons FileUpload Denial of service vulnerability
2018-12-21 17:51:42
ClassLoader manipulation in Apache Struts
2022-05-14 00:54:16
hackerone
hackerone
U.S. Dept Of Defense: Remote code execution vulnerability on a DoD website
2016-12-19 23:00:16
prion
prion
Security feature bypass
2014-03-11 13:00:00
Design/Logic Flaw
2014-04-01 06:27:00
Design/Logic Flaw
2014-04-29 10:37:00
github
github
ClassLoader manipulation in Apache Struts
2022-05-14 00:54:15
Commons FileUpload Denial of service vulnerability
2018-12-21 17:51:42
ClassLoader manipulation in Apache Struts
2022-05-14 00:54:16
ubuntucve
ubuntucve
atlassian
atlassian
Security vulnerability in apache commons fileupload
2014-02-10 05:56:15
Security vulnerability in apache commons fileupload
2014-02-10 05:56:15
Security vulnerability in apache commons fileupload
2014-02-10 05:56:15
seebug
seebug
Apache Commons FileUpload/Apache Tomcat拒绝服务漏洞
2014-02-13 00:00:00
Apache Struts ClassLoader操作漏洞
2014-03-10 00:00:00
Apache Commons FileUpload and Apache Tomcat - Denial-of-Service
2014-07-01 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS
2014-03-31 00:00:00
[security bulletin] HPSBGN03329 rev.1 - HP SDN VAN Controller, Remote Denial of Service (DoS), Distributed Denial of Service (DDoS)
2015-05-11 00:00:00
HP SDN VAN Controller DoS
2015-05-11 00:00:00
debian
debian
[SECURITY] [DSA 2856-1] libcommons-fileupload-java security update
2014-02-07 22:59:08
[SECURITY] [DSA 2897-1] tomcat7 security update
2014-04-08 18:25:14
veracode
veracode
Denial Of Service (DoS) By An Infinite Loop Causing CPU Consumption
2019-01-15 08:58:15
Class Loader Manipulation With CookieInterceptor
2014-06-06 18:13:23
debiancve
debiancve
CVE-2014-0050
2014-04-01 06:27:00
f5
f5
K15260 : Apache Struts vulnerability CVE-2014-0094
2014-05-15 00:00:00
K15189 : Apache Commons FileUpload vulnerability CVE-2014-0050
2015-08-15 00:00:00
SOL15189 - Apache Commons FileUpload vulnerability CVE-2014-0050
2014-04-18 00:00:00
cve
cve
jvn
jvn
JVN#19294237: Apache Struts vulnerable to ClassLoader manipulation
2014-04-25 00:00:00
mageia
mageia
Updated tomcat packages fix CVE-2014-0050
2014-02-28 22:59:29
Updated apache-commons-fileupload package fixes CVE-2014-0050
2014-02-28 22:57:52
checkpoint_advisories
checkpoint_advisories
fedora
fedora
[SECURITY] Fedora 20 Update: apache-commons-fileupload-1.3-5.fc20
2014-02-17 21:06:10
[SECURITY] Fedora 19 Update: apache-commons-fileupload-1.3-5.fc19
2014-02-17 21:07:04
zdt
zdt
Apache Commons FileUpload and Apache Tomcat Denial of Service
2014-02-12 00:00:00
Apache Struts ClassLoader Manipulation Remote Code Execution Exploit
2014-05-03 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 8.0.3
2014-02-11 00:00:00
Fixed in Apache Tomcat 7.0.52
2014-02-17 00:00:00
exploitpack
exploitpack
Apache Commons FileUpload and Apache Tomcat - Denial of Service
2014-02-12 00:00:00
redhat
redhat
suse
suse
Security update for jakarta-commons-fileupload (important)
2014-04-17 21:04:15
amazon
amazon
Medium: tomcat7
2014-03-24 23:36:00
Medium: tomcat6
2014-05-21 10:45:00
exploitdb
exploitdb
Apache Commons FileUpload and Apache Tomcat - Denial of Service
2014-02-12 00:00:00
packetstorm
packetstorm
Apache Struts ClassLoader Manipulation Remote Code Execution
2014-05-02 00:00:00
gentoo
gentoo
Apache Commons FileUpload: Multiple vulnerabilities
2021-07-17 00:00:00
oraclelinux
oraclelinux
tomcat6 security update
2014-04-23 00:00:00
tomcat security update
2014-07-20 00:00:00
tomcat6 security and bug fix update
2014-07-09 00:00:00
ubuntu
ubuntu
Tomcat vulnerabilities
2014-03-06 00:00:00
centos
centos
tomcat6 security update
2014-04-23 19:07:14
tomcat6 security update
2014-07-09 16:09:49
rapid7blog
rapid7blog
Spring4Shell: Zero-Day Vulnerability in Spring Framework (CVE-2022-22965)
2022-03-30 22:33:54
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.971 High
EPSS
Percentile
99.8%
Related for HUAWEI-SA-20140707-01-STRUTS2