CVE-2017-9805 — HIGH (8.1) — White Hats Nepal

Q: How severe is CVE-2017-9805?

CVE-2017-9805 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-9805?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Struts, Cisco Digital Media Manager, Cisco Hosted Collaboration Solution, Cisco Media Experience Engine, Cisco Network Performance Analysis.

Vulnerability Description

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Apache	Struts	>= 2.1.2, < 2.3.34
Cisco	Digital Media Manager	-
Cisco	Hosted Collaboration Solution	10.5\(1\)
Cisco	Media Experience Engine	3.5
Cisco	Network Performance Analysis	-
Cisco	Video Distribution Suite For Internet Streaming	-
Netapp	Oncommand Balance	-

Related Weaknesses (CWE)

CWE-502

References

http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.PatchThird Party Advisory
http://www.securityfocus.com/bid/100609Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1039263Broken LinkThird Party AdvisoryVDB Entry
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifaxVendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1488482Issue TrackingThird Party AdvisoryVDB Entry
https://cwiki.apache.org/confluence/display/WW/S2-052MitigationVendor Advisory
https://lgtm.com/blog/apache_struts_CVE-2017-9805Broken Link
https://security.netapp.com/advisory/ntap-20170907-0001/Third Party Advisory
https://struts.apache.org/docs/s2-052.htmlMitigationVendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Third Party Advisory
https://www.exploit-db.com/exploits/42627/ExploitThird Party AdvisoryVDB Entry
https://www.kb.cert.org/vuls/id/112992Third Party AdvisoryUS Government Resource
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.PatchThird Party Advisory
http://www.securityfocus.com/bid/100609Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1039263Broken LinkThird Party AdvisoryVDB Entry

FAQ

What is CVE-2017-9805?

CVE-2017-9805 is a vulnerability with a CVSS score of 8.1 (HIGH). The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can ...

How severe is CVE-2017-9805?

CVE-2017-9805 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-9805?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Struts, Cisco Digital Media Manager, Cisco Hosted Collaboration Solution, Cisco Media Experience Engine, Cisco Network Performance Analysis.