Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 1:48 a.m.70 views

Security Bulletin: Vulnerability in Apache Struts affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2016-4461)

Summary A vulnerability in the Apache Struts component affects the Service Assistant GUI of SAN Volume Controller, Storwize family and FlashSystem V9000 products. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2016-4461 DESCRIPTION: Apache Struts could allow a remote...

9CVSS9.1AI score0.0802EPSS
Exploits0Affected Software5
vulnersOsv
vulnersOsv
added 2022/05/14 1:5 a.m.3 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +223 more potentially affected by CVE-2016-4461 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.28.1)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =1.2.6 and more Source cves: CVE-2016-4461 Source advisory: OSV:GHSA-864W-R5QJ-H6FJ...

9CVSS7.2AI score0.0802EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:36 a.m.26 views

Security Bulletin: Vulnerability in Apache Struts affects the IBM FlashSystem model V840

Summary There is a vulnerability in Apache Struts to which the IBM® FlashSystem™ V840 is susceptible. An exploit of this vulnerability CVE-2016-4461 could allow an attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2016-4461 DESCRIPTION: Apache Struts could allow a...

9CVSS1.4AI score0.0802EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:36 a.m.28 views

Security Bulletin: Vulnerability in Apache Struts affects the IBM FlashSystem models 840 and 900

Summary There is a vulnerability in Apache Struts to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 are susceptible. An exploit of this vulnerability CVE-2016-4461 could allow an attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2016-4461 DESCRIPTION: Apache...

9CVSS9.1AI score0.0802EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2017/10/16 4:29 p.m.41 views

CVE-2016-4461

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785...

9CVSS7.3AI score0.0802EPSS
Exploits0References2
CVE
CVE
added 2017/10/16 4:0 p.m.78 views

CVE-2016-4461

CVE-2016-4461: Apache Struts vulnerability causing remote code execution via forced double OGNL evaluation. IBM/security bulletins show affected IBM FlashSystem products (V840, V900, Storwize/SAN volumes) with vulnerable VRMFs and the need to upgrade to fixed code levels. IBM Bulletins list affec...

9CVSS8.8AI score0.0802EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder