CVE-2010-1870

The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
apachestruts
2.0.0
apachestruts
2.0.1
apachestruts
2.0.2
apachestruts
2.0.3
apachestruts
2.0.4
apachestruts
2.0.5
apachestruts
2.0.6
apachestruts
2.0.7
apachestruts
2.0.8
apachestruts
2.0.9
apachestruts
2.0.10
apachestruts
2.0.11
apachestruts
2.0.11.1
apachestruts
2.0.11.2
apachestruts
2.0.12
apachestruts
2.0.13
apachestruts
2.0.14
apachestruts
2.1.0
apachestruts
2.1.1
apachestruts
2.1.2
apachestruts
2.1.3
apachestruts
2.1.4
apachestruts
2.1.5
apachestruts
2.1.6
apachestruts
2.1.8
apachestruts
2.1.8.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libstruts1.2-java
lucid
not-affected
karmic
not-affected
jaunty
not-affected
hardy
not-affected
dapper
not-affected
References
http://blog.o0o.nu/2010/07/cve-2010-1870-struts2xwork-remote.html
http://confluence.atlassian.com/display/FISHEYE/FishEye+Security+Advisory+2010-06-16
http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html
http://seclists.org/fulldisclosure/2010/Jul/183
http://seclists.org/fulldisclosure/2020/Oct/23
http://secunia.com/advisories/59110
http://securityreason.com/securityalert/8345
http://struts.apache.org/2.2.1/docs/s2-005.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140709-struts2
http://www.exploit-db.com/exploits/14360
http://www.osvdb.org/66280
http://www.securityfocus.com/bid/41592
http://blog.o0o.nu/2010/07/cve-2010-1870-struts2xwork-remote.html
http://confluence.atlassian.com/display/FISHEYE/FishEye+Security+Advisory+2010-06-16
http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html
http://seclists.org/fulldisclosure/2010/Jul/183
http://seclists.org/fulldisclosure/2020/Oct/23
http://secunia.com/advisories/59110
http://securityreason.com/securityalert/8345
http://struts.apache.org/2.2.1/docs/s2-005.html
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140709-struts2
http://www.exploit-db.com/exploits/14360
http://www.osvdb.org/66280
http://www.securityfocus.com/bid/41592