Lucene search

K
nessusThis script is Copyright (C) 2004-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_WEBLOGIC_SERVER_CVE-2017-9805.NBIN
HistoryOct 04, 2017 - 12:00 a.m.

Oracle WebLogic Server Multiple Vulnerabilities

2017-10-0400:00:00
This script is Copyright (C) 2004-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25

The version of Oracle WebLogic Server installed on the remote host is affected by multiple Apache Struts 2 vulnerabilities. One of the following vulnerabilities was detected on the asset:

  • CVE-2017-5638: The Jakarta Multipart parser in Apache Struts 2, specifically 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1
  • CVE-2017-7672: Apache Struts version < 2.5.12
  • CVE-2017-9787: Apache Struts version < 2.5.12 or < 2.3.33
  • CVE-2017-9791: Struts 1 plugin in Apache Struts 2.3.x
  • CVE-2017-9793: Apache Struts < 2.3.7 - 2.3.33 & < 2.5 - 2.5.12
  • CVE-2017-9804: Apache Struts 2.3.7 -2.3.33 & 2.5 - 2.5.12
  • CVE-2017-12611: Apache Struts 2.0.1 - 2.3.33 & 2.5 - 2.5.10
Binary data oracle_weblogic_server_CVE-2017-9805.nbin
Related for ORACLE_WEBLOGIC_SERVER_CVE-2017-9805.NBIN