TTCSIRT-040.090617: TT-CSIRT Advisory – Apache Security Updates

A vulnerability has been discovered in Apache Struts which could allow for remote code execution. The vulnerability exists because the REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, so deserializing an attacker-supplied XML payload can lead to remote code execution.
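
As an added example (not code from this advisory or from the Struts project), the following Java snippet contrasts an XStream instance left in its default, unfiltered configuration with one that uses XStream's security framework to accept only the types the endpoint expects, which is the missing control the advisory describes. The `Order` class and the two XML documents are constructed for this illustration, and the `NoTypePermission`/`allowTypes` calls assume XStream 1.4.7 or later.

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.security.ForbiddenClassException;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;

public class XStreamAllowlistDemo {
    // Constructed example type: the only object this endpoint expects from a client.
    public static class Order {
        public int quantity;
        public String sku;
    }
    // Unfiltered: a plain XStream instance instantiates whatever class the XML names.
    static XStream unfiltered() {
        XStream xs = new XStream();
        xs.alias("order", Order.class);
        return xs;
    }
    // Hardened: deny every type first, then re-allow only what the endpoint needs.
    static XStream allowlisted() {
        XStream xs = new XStream();
        xs.addPermission(NoTypePermission.NONE);              // drop the default permissions
        xs.addPermission(NullPermission.NULL);                // allow <null/> values
        xs.addPermission(PrimitiveTypePermission.PRIMITIVES); // int, boolean, ...
        xs.allowTypes(new Class[] { Order.class, String.class });
        xs.alias("order", Order.class);
        return xs;
    }
    // Report whether a given instance accepts the document and what it produced.
    static String describe(XStream xs, String xml) {
        try {
            Object result = xs.fromXML(xml);
            return "accepted -> " + (result == null ? "null" : result.getClass().getName());
        } catch (ForbiddenClassException e) {
            return "rejected -> " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Constructed samples: a well-formed Order, and a document naming a harmless JDK
        // type this endpoint never declared (used only to show the filter working).
        String order = "<order><quantity>2</quantity><sku>ABC-123</sku></order>";
        String stray = "<java.util.HashMap/>";
        for (String xml : new String[] { order, stray }) {
            System.out.println("unfiltered:  " + describe(unfiltered(), xml));
            System.out.println("allowlisted: " + describe(allowlisted(), xml));
        }
    }
}
```

The allowlisted instance still parses the expected `Order` but rejects the stray document with a `ForbiddenClassException`, which is the behaviour a patched handler should exhibit.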

Successful exploitation of this vulnerability could allow for remote code execution in the context of the application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.

Further information on this vulnerability and how it can be fixed can be found at https://www.cisecurity.org/advisory/vulnerability-in-apache-struts-could-allow-for-remote-code-execution-2/