First published: Tue Jun 07 2016(Updated: )
A vulnerability in Apache Struts 1 ActionForm allowing unintended remote operations against components on server memory, such as Servlets and ClassLoader, was found. Affects Apache Struts versions 1.0 through 1.3.10 External References: <a href="https://jvn.jp/en/jp/JVN03188560/">https://jvn.jp/en/jp/JVN03188560/</a>
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Struts 2 | >=1.0<1.3.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of REDHAT-BUG-1343538 is critical due to the potential for remote exploitations of server components.
To fix REDHAT-BUG-1343538, upgrade Apache Struts to a version later than 1.3.10.
Apache Struts versions 1.0 through 1.3.10 are affected by REDHAT-BUG-1343538.
REDHAT-BUG-1343538 is a remote code execution vulnerability that allows unintended operations on server components.
No, using Apache Struts 1.3.10 is not safe as it is identified with a vulnerability that can be exploited.