CVE-2010-1870

EUVD-2022-5715
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
Affected Products (NVD)
VendorProductVersion
apachestruts
2.0.0
apachestruts
2.0.1
apachestruts
2.0.2
apachestruts
2.0.3
apachestruts
2.0.4
apachestruts
2.0.5
apachestruts
2.0.6
apachestruts
2.0.7
apachestruts
2.0.8
apachestruts
2.0.9
apachestruts
2.0.10
apachestruts
2.0.11
apachestruts
2.0.11.1
apachestruts
2.0.11.2
apachestruts
2.0.12
apachestruts
2.0.13
apachestruts
2.0.14
apachestruts
2.1.0
apachestruts
2.1.1
apachestruts
2.1.2
apachestruts
2.1.3
apachestruts
2.1.4
apachestruts
2.1.5
apachestruts
2.1.6
apachestruts
2.1.8
apachestruts
2.1.8.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libstruts1.2-java
dapper
not-affected
hardy
not-affected
jaunty
not-affected
karmic
not-affected
lucid
not-affected
References
http://blog.o0o.nu/2010/07/cve-2010-1870-struts2xwork-remote.html
http://confluence.atlassian.com/display/FISHEYE/FishEye+Security+Advisory+2010-06-16
http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html
http://seclists.org/fulldisclosure/2010/Jul/183
http://seclists.org/fulldisclosure/2020/Oct/23
http://secunia.com/advisories/59110
http://securityreason.com/securityalert/8345
http://struts.apache.org/2.2.1/docs/s2-005.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140709-struts2
http://www.exploit-db.com/exploits/14360
http://www.osvdb.org/66280
http://www.securityfocus.com/bid/41592
http://blog.o0o.nu/2010/07/cve-2010-1870-struts2xwork-remote.html
http://confluence.atlassian.com/display/FISHEYE/FishEye+Security+Advisory+2010-06-16
http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html
http://seclists.org/fulldisclosure/2010/Jul/183
http://seclists.org/fulldisclosure/2020/Oct/23
http://secunia.com/advisories/59110
http://securityreason.com/securityalert/8345
http://struts.apache.org/2.2.1/docs/s2-005.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140709-struts2
http://www.exploit-db.com/exploits/14360
http://www.osvdb.org/66280
http://www.securityfocus.com/bid/41592