9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.974 High
EPSS
Percentile
99.9%
Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a remote command execution vulnerability.
This issue is the same issue that the developer published as S2-016 on July 16, 2013
Note that attacks leveraging this vulnerability have been confirmed.
An arbitrary command may be executed on the server where Apache Struts resides.
Apply an Update
Update to the latest version according to the information provided by the developer.