CVE - CVE-2018-11776

CVE-ID
CVE-2018-11776	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:105125 URL:http://www.securityfocus.com/bid/105125 CONFIRM:http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt URL:http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt CONFIRM:http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html URL:http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html URL:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html CONFIRM:https://cwiki.apache.org/confluence/display/WW/S2-057 URL:https://cwiki.apache.org/confluence/display/WW/S2-057 CONFIRM:https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012 URL:https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012 CONFIRM:https://security.netapp.com/advisory/ntap-20180822-0001/ URL:https://security.netapp.com/advisory/ntap-20180822-0001/ CONFIRM:https://security.netapp.com/advisory/ntap-20181018-0002/ URL:https://security.netapp.com/advisory/ntap-20181018-0002/ CONFIRM:https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html URL:https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html EXPLOIT-DB:45260 URL:https://www.exploit-db.com/exploits/45260/ EXPLOIT-DB:45262 URL:https://www.exploit-db.com/exploits/45262/ EXPLOIT-DB:45367 URL:https://www.exploit-db.com/exploits/45367/ MISC:http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html MISC:https://github.com/hook-s3c/CVE-2018-11776-Python-PoC URL:https://github.com/hook-s3c/CVE-2018-11776-Python-PoC MISC:https://lgtm.com/blog/apache_struts_CVE-2018-11776 URL:https://lgtm.com/blog/apache_struts_CVE-2018-11776 MISC:https://www.oracle.com/security-alerts/cpujul2020.html URL:https://www.oracle.com/security-alerts/cpujul2020.html MLIST:[announce] 20200131 Apache Software Foundation Security Report: 2019 URL:https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E SECTRACK:1041547 URL:http://www.securitytracker.com/id/1041547 SECTRACK:1041888 URL:http://www.securitytracker.com/id/1041888
Assigning CNA
Apache Software Foundation
Date Record Created
20180605	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20180605)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)