#VU90112 Permissions, Privileges, and Access Controls in Apache Struts - CVE-2011-5057

Cybersecurity Help s.r.o.

Published: 2024-05-31

Vulnerability identifier: #VU90112

Vulnerability risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2011-5057

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Apache Struts
Server applications / Frameworks for developing and running applications

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to Apache Struts provides interfaces that do not properly restrict access to collections such as the session and request collections. A remote attacker can modify run-time data values via a crafted parameter to an application that implements an affected interface.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Apache Struts: before 2.3.3, 2.3.3

External links
https://codesecure.blogspot.com/2011/12/struts-2-session-tampering-via.html
https://secunia.com/advisories/47109
https://issues.apache.org/jira/browse/WW-2264
https://issues.apache.org/jira/browse/WW-3631

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Call Center for Commerce

Multiple vulnerabilities in IBM Sterling Order Management