CVE-2011-3923

All Frameworks › Apache Struts › CWE-Other › CVE-2011-3923

CVE-2011-3923

State: PUBLISHED · Published: 2019-11-01 · Updated: 2024-08-06 · Assigner: Chrome

Description

Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.

CWE

(none)

Affected

Apache / Struts — v=2.3.1.2 [affected]

CVSS

(none)

References

http://www.exploit-db.com/exploits/24874 exploit, x_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/51628 vdb-entry, x_refsource_BID
https://security-tracker.debian.org/tracker/CVE-2011-3923 x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3923 x_refsource_MISC
http://seclists.org/fulldisclosure/2014/Jul/38 x_refsource_MISC
http://www.securitytracker.com/id?1026575 x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/72585 vdb-entry, x_refsource_XF

Source

cvelistV5-main/cves/2011/3xxx/CVE-2011-3923.json