CVE-2017-9791
EUVD-2022-195410.07.2017, 16:29
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| apache | struts | 2.3.1 |
| apache | struts | 2.3.1.1 |
| apache | struts | 2.3.1.2 |
| apache | struts | 2.3.3 |
| apache | struts | 2.3.4 |
| apache | struts | 2.3.4.1 |
| apache | struts | 2.3.7 |
| apache | struts | 2.3.8 |
| apache | struts | 2.3.12 |
| apache | struts | 2.3.14 |
| apache | struts | 2.3.14.1 |
| apache | struts | 2.3.14.2 |
| apache | struts | 2.3.14.3 |
| apache | struts | 2.3.15 |
| apache | struts | 2.3.15.1 |
| apache | struts | 2.3.15.2 |
| apache | struts | 2.3.15.3 |
| apache | struts | 2.3.16 |
| apache | struts | 2.3.16.1 |
| apache | struts | 2.3.16.2 |
| apache | struts | 2.3.16.3 |
| apache | struts | 2.3.20 |
| apache | struts | 2.3.20.1 |
| apache | struts | 2.3.20.3 |
| apache | struts | 2.3.24 |
| apache | struts | 2.3.24.1 |
| apache | struts | 2.3.24.3 |
| apache | struts | 2.3.28 |
| apache | struts | 2.3.28.1 |
| apache | struts | 2.3.29 |
| apache | struts | 2.3.30 |
| apache | struts | 2.3.31 |
| apache | struts | 2.3.32 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References