CVE-2017-9787

Summary

When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Struts2.3.x prior to 2.3.33affected
Apache Software FoundationApache Struts2.5 to 2.5.10.1affected

Weaknesses

  • DoS Attack

ADP Enrichment

CVE Program Container

Additional References

References