#VU5234 Security bypass in Apache Struts - CVE-2014-0094

Cybersecurity Help s.r.o.

Published: 2017-01-23 | Updated: 2022-10-22

Vulnerability identifier: #VU5234

Vulnerability risk: Critical

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2014-0094

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Apache Struts
Server applications / Frameworks for developing and running applications

Vendor: Apache Foundation

Description
The vulnerability allows a remote attacker to bypass security restsrictions on the target system.

The weakness exists due to an error in ParametersInterceptor. A remote attacker can use a specially crafted class parameter to manipulate the ClassLoader used by the application server.

Successful exploitation of the vulnerability results in security bypass on the vulnerable system.

Note: the vulnerability was being actively exploited.

Mitigation
Update to version 2.3.16.2.

Vulnerable software versions

Apache Struts: 2.0.0 - 2.3.16.1

External links
https://cwiki.apache.org/confluence/display/WW/S2-020

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Call Center for Commerce

Multiple vulnerabilities in IBM Sterling Order Management

Multiple vulnerabilities in Lenovo SAN Volume Controller and Storwize Family

Multiple vulnerabilities in IBM FlashSystem 840 and V840

Security bypass in Apache Struts