cvelistv5 - cve-2016-4430

CVE-2016-4430 (GCVE-0-2016-4430)

Vulnerability from cvelistv5 – Published: 2016-07-04 22:00 – Updated: 2024-08-06 00:32

Summary

Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	https://struts.apache.org/docs/s2-038.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1348249	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111	third-party-advisoryx_refsource_JVNDB
	http://www-01.ibm.com/support/docview.wss?uid=ssg…	x_refsource_CONFIRM
	http://jvn.jp/en/jp/JVN45093481/index.html	third-party-advisoryx_refsource_JVN
	http://www.securityfocus.com/bid/91281	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:32:24.606Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://struts.apache.org/docs/s2-038.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
          },
          {
            "name": "JVNDB-2016-000111",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
          },
          {
            "name": "JVN#45093481",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
          },
          {
            "name": "91281",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91281"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-30T13:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://struts.apache.org/docs/s2-038.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
        },
        {
          "name": "JVNDB-2016-000111",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
        },
        {
          "name": "JVN#45093481",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
        },
        {
          "name": "91281",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91281"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2016-4430",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://struts.apache.org/docs/s2-038.html",
              "refsource": "CONFIRM",
              "url": "https://struts.apache.org/docs/s2-038.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
            },
            {
              "name": "JVNDB-2016-000111",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
            },
            {
              "name": "JVN#45093481",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
            },
            {
              "name": "91281",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91281"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-4430",
    "datePublished": "2016-07-04T22:00:00",
    "dateReserved": "2016-05-02T00:00:00",
    "dateUpdated": "2024-08-06T00:32:24.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22FF6282-0BCA-46EB-9648-6EE3EDA189F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D1467BC-9BC8-402D-A420-615CF9698648\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"880AEA69-3705-447D-80FF-60753248158F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"524C5119-416D-413B-BF1D-29291E23FDB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45446B16-F531-4C6D-B889-A8A6622C70A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71823E13-1896-4EE4-A49C-CFFB717FFD80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C778ADED-75B5-4AD3-8CDC-EFDFFAD5A742\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"067F6249-CC5A-4402-843C-06D5F9F77267\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Apache Struts 2 2.3.20 hasta la versi\\u00f3n 2.3.28.1 no maneja adecuadamente la validaci\\u00f3n del token, lo que permite a atacantes remotos llevar a cabo ataques CSRF a trav\\u00e9s de vectores no especificados.\"}]",
      "id": "CVE-2016-4430",
      "lastModified": "2024-11-21T02:52:09.387",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2016-07-04T22:59:05.337",
      "references": "[{\"url\": \"http://jvn.jp/en/jp/JVN45093481/index.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111\", \"source\": \"secalert@redhat.com\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21987854\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/91281\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1348249\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://struts.apache.org/docs/s2-038.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://jvn.jp/en/jp/JVN45093481/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21987854\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/91281\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1348249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://struts.apache.org/docs/s2-038.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4430\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-07-04T22:59:05.337\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Apache Struts 2 2.3.20 hasta la versi\u00f3n 2.3.28.1 no maneja adecuadamente la validaci\u00f3n del token, lo que permite a atacantes remotos llevar a cabo ataques CSRF a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22FF6282-0BCA-46EB-9648-6EE3EDA189F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D1467BC-9BC8-402D-A420-615CF9698648\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"880AEA69-3705-447D-80FF-60753248158F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"524C5119-416D-413B-BF1D-29291E23FDB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45446B16-F531-4C6D-B889-A8A6622C70A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71823E13-1896-4EE4-A49C-CFFB717FFD80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C778ADED-75B5-4AD3-8CDC-EFDFFAD5A742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"067F6249-CC5A-4402-843C-06D5F9F77267\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/en/jp/JVN45093481/index.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111\",\"source\":\"secalert@redhat.com\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21987854\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/91281\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1348249\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://struts.apache.org/docs/s2-038.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvn.jp/en/jp/JVN45093481/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21987854\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/91281\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1348249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://struts.apache.org/docs/s2-038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CNVD-2016-04092

Vulnerability from cnvd - Published: 2016-06-17

Title

Apache Struts2远程代码执行漏洞（CNVD-2016-04092）

Description

Apache Struts是美国阿帕奇（Apache）软件基金会负责维护的一个开源项目，是一套用于创建企业级Java Web应用的开源MVC框架，主要提供两个版本框架产品，Struts 1和Struts 2。Apache Struts 2是Apache Struts的下一代产品，是在Struts 1和WebWork的技术基础上进行了合并的全新Struts 2框架，其体系结构与Struts 1差别较大。 Apache Struts 2.3.20版本至2.3.28.1中存在远程代码执行漏洞。攻击者可借助恶意的表达式利用该漏洞绕过令牌验证，执行CSRF攻击。

Severity

中

Patch Name

Apache Struts2远程代码执行漏洞（CNVD-2016-04092）的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://struts.apache.org/

Reference

https://cwiki.apache.org/confluence/display/WW/S2-038

Impacted products

Name
Apache struts >=2.3.20，<=2.3.28.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4430"
    }
  },
  "description": "Apache Struts\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u8d1f\u8d23\u7ef4\u62a4\u7684\u4e00\u4e2a\u5f00\u6e90\u9879\u76ee\uff0c\u662f\u4e00\u5957\u7528\u4e8e\u521b\u5efa\u4f01\u4e1a\u7ea7Java Web\u5e94\u7528\u7684\u5f00\u6e90MVC\u6846\u67b6\uff0c\u4e3b\u8981\u63d0\u4f9b\u4e24\u4e2a\u7248\u672c\u6846\u67b6\u4ea7\u54c1\uff0cStruts 1\u548cStruts 2\u3002Apache Struts 2\u662fApache Struts\u7684\u4e0b\u4e00\u4ee3\u4ea7\u54c1\uff0c\u662f\u5728Struts 1\u548cWebWork\u7684\u6280\u672f\u57fa\u7840\u4e0a\u8fdb\u884c\u4e86\u5408\u5e76\u7684\u5168\u65b0Struts 2\u6846\u67b6\uff0c\u5176\u4f53\u7cfb\u7ed3\u6784\u4e0eStruts 1\u5dee\u522b\u8f83\u5927\u3002\r\n\r\nApache Struts 2.3.20\u7248\u672c\u81f32.3.28.1\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u6076\u610f\u7684\u8868\u8fbe\u5f0f\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u4ee4\u724c\u9a8c\u8bc1\uff0c\u6267\u884cCSRF\u653b\u51fb\u3002",
  "discovererName": "Takeshi Terada websec02 dot g02 at gmail.com",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://struts.apache.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04092",
  "openTime": "2016-06-17",
  "patchDescription": "Apache Struts\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u8d1f\u8d23\u7ef4\u62a4\u7684\u4e00\u4e2a\u5f00\u6e90\u9879\u76ee\uff0c\u662f\u4e00\u5957\u7528\u4e8e\u521b\u5efa\u4f01\u4e1a\u7ea7Java Web\u5e94\u7528\u7684\u5f00\u6e90MVC\u6846\u67b6\uff0c\u4e3b\u8981\u63d0\u4f9b\u4e24\u4e2a\u7248\u672c\u6846\u67b6\u4ea7\u54c1\uff0cStruts 1\u548cStruts 2\u3002Apache Struts 2\u662fApache Struts\u7684\u4e0b\u4e00\u4ee3\u4ea7\u54c1\uff0c\u662f\u5728Struts 1\u548cWebWork\u7684\u6280\u672f\u57fa\u7840\u4e0a\u8fdb\u884c\u4e86\u5408\u5e76\u7684\u5168\u65b0Struts 2\u6846\u67b6\uff0c\u5176\u4f53\u7cfb\u7ed3\u6784\u4e0eStruts 1\u5dee\u522b\u8f83\u5927\u3002\r\n\r\nApache Struts 2.3.20\u7248\u672c\u81f32.3.28.1\u4e2d\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u6076\u610f\u7684\u8868\u8fbe\u5f0f\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u4ee4\u724c\u9a8c\u8bc1\uff0c\u6267\u884cCSRF\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Struts2\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2016-04092\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Apache struts \u003e=2.3.20\uff0c\u003c=2.3.28.1"
  },
  "referenceLink": "https://cwiki.apache.org/confluence/display/WW/S2-038",
  "serverity": "\u4e2d",
  "submitTime": "2016-06-16",
  "title": "Apache Struts2\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2016-04092\uff09"
}

GSD-2016-4430

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.

Aliases

CVE-2016-4430

Aliases

CVE-2016-4430

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-4430",
    "description": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.",
    "id": "GSD-2016-4430",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-4430.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-4430"
      ],
      "details": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.",
      "id": "GSD-2016-4430",
      "modified": "2023-12-13T01:21:18.851363Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2016-4430",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://struts.apache.org/docs/s2-038.html",
            "refsource": "CONFIRM",
            "url": "https://struts.apache.org/docs/s2-038.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
          },
          {
            "name": "JVNDB-2016-000111",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
          },
          {
            "name": "JVN#45093481",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
          },
          {
            "name": "91281",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/91281"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[2.3.20,2.3.28.1]",
          "affected_versions": "All versions starting from 2.3.20 up to 2.3.28.1",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-352",
            "CWE-352",
            "CWE-937"
          ],
          "date": "2023-07-31",
          "description": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.",
          "fixed_versions": [],
          "identifier": "CVE-2016-4430",
          "identifiers": [
            "GHSA-38qw-j787-v8c2",
            "CVE-2016-4430"
          ],
          "not_impacted": "",
          "package_slug": "maven/org.apache.struts/struts-master",
          "pubdate": "2022-05-17",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Cross-Site Request Forgery (CSRF)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2016-4430",
            "https://bugzilla.redhat.com/show_bug.cgi?id=1348249",
            "https://struts.apache.org/docs/s2-038.html",
            "http://jvn.jp/en/jp/JVN45093481/index.html",
            "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111",
            "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282",
            "http://www-01.ibm.com/support/docview.wss?uid=swg21987854",
            "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
            "https://web.archive.org/web/20210123144953/http://www.securityfocus.com/bid/91281",
            "https://github.com/advisories/GHSA-38qw-j787-v8c2"
          ],
          "uuid": "cf5f9fdd-04ef-4a00-b5b6-46b7146a9bc7"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2016-4430"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVN#45093481",
              "refsource": "JVN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
            },
            {
              "name": "JVNDB-2016-000111",
              "refsource": "JVNDB",
              "tags": [
                "VDB Entry",
                "Vendor Advisory"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
            },
            {
              "name": "https://struts.apache.org/docs/s2-038.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://struts.apache.org/docs/s2-038.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "91281",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/91281"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-10-31T01:29Z",
      "publishedDate": "2016-07-04T22:59Z"
    }
  }
}

GHSA-38QW-J787-V8C2

Vulnerability from github – Published: 2022-05-17 00:29 – Updated: 2023-12-28 22:28

Summary

Apache Struts CSRF Vulnerability

Details

Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.

Severity ?

8.8 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.3.28.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.struts.xwork:xwork-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.20"
            },
            {
              "fixed": "2.3.29"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2016-4430"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-31T22:23:42Z",
    "nvd_published_at": "2016-07-04T22:59:00Z",
    "severity": "HIGH"
  },
  "details": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.",
  "id": "GHSA-38qw-j787-v8c2",
  "modified": "2023-12-28T22:28:24Z",
  "published": "2022-05-17T00:29:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4430"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/struts/commit/b28b78c062f0bf3c79793a25aab8c9b6c12bce6e"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/struts"
    },
    {
      "type": "WEB",
      "url": "https://struts.apache.org/docs/s2-038.html"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20210123144953/http://www.securityfocus.com/bid/91281"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Struts CSRF Vulnerability"
}

FKIE_CVE-2016-4430

Vulnerability from fkie_nvd - Published: 2016-07-04 22:59 - Updated: 2025-04-12 10:46

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.

References

URL	Tags
secalert@redhat.com	http://jvn.jp/en/jp/JVN45093481/index.html	Vendor Advisory
secalert@redhat.com	http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111	VDB Entry, Vendor Advisory
secalert@redhat.com	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282	Third Party Advisory
secalert@redhat.com	http://www-01.ibm.com/support/docview.wss?uid=swg21987854	Third Party Advisory
secalert@redhat.com	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
secalert@redhat.com	http://www.securityfocus.com/bid/91281
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1348249	Issue Tracking
secalert@redhat.com	https://struts.apache.org/docs/s2-038.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN45093481/index.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21987854	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91281
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1348249	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://struts.apache.org/docs/s2-038.html	Vendor Advisory

Impacted products

Vendor	Product	Version
apache	struts	2.3.20
apache	struts	2.3.20.1
apache	struts	2.3.20.3
apache	struts	2.3.24
apache	struts	2.3.24.1
apache	struts	2.3.24.3
apache	struts	2.3.28
apache	struts	2.3.28.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FF6282-0BCA-46EB-9648-6EE3EDA189F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D1467BC-9BC8-402D-A420-615CF9698648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "880AEA69-3705-447D-80FF-60753248158F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "524C5119-416D-413B-BF1D-29291E23FDB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45446B16-F531-4C6D-B889-A8A6622C70A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "71823E13-1896-4EE4-A49C-CFFB717FFD80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C778ADED-75B5-4AD3-8CDC-EFDFFAD5A742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "067F6249-CC5A-4402-843C-06D5F9F77267",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Apache Struts 2 2.3.20 hasta la versi\u00f3n 2.3.28.1 no maneja adecuadamente la validaci\u00f3n del token, lo que permite a atacantes remotos llevar a cabo ataques CSRF a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-4430",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-04T22:59:05.337",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/91281"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://struts.apache.org/docs/s2-038.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN45093481/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21987854"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1348249"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://struts.apache.org/docs/s2-038.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

JVNDB-2016-000111

Vulnerability from jvndb - Published: 2016-06-20 17:18 - Updated:2022-08-09 14:05

Severity ?

3.1 (Low) - cvssV3_0 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Summary

Apache Struts vulnerable to cross-site request forgery

Details

Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain a cross-site request forgery vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN45093481/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4430
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4430
	Cross-Site Request Forgery(CWE-352)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Apache Software Foundation

Apache Struts

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000111.html",
  "dc:date": "2022-08-09T14:05+09:00",
  "dcterms:issued": "2016-06-20T17:18+09:00",
  "dcterms:modified": "2022-08-09T14:05+09:00",
  "description": "Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. \r\nWeb applications that are developed using Apache Struts 2 contain a cross-site request forgery vulnerability. \r\n\r\nTakeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000111.html",
  "sec:cpe": {
    "#text": "cpe:/a:apache:struts",
    "@product": "Apache Struts",
    "@vendor": "Apache Software Foundation",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "4.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "3.1",
      "@severity": "Low",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2016-000111",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN45093481/index.html",
      "@id": "JVN#45093481",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4430",
      "@id": "CVE-2016-4430",
      "@source": "CVE"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4430",
      "@id": "CVE-2016-4430",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-352",
      "@title": "Cross-Site Request Forgery(CWE-352)"
    }
  ],
  "title": "Apache Struts vulnerable to cross-site request forgery"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-4430 (GCVE-0-2016-4430)

CNVD-2016-04092

GSD-2016-4430

GHSA-38QW-J787-V8C2

FKIE_CVE-2016-4430

JVNDB-2016-000111

Tags

Sightings

Nomenclature