CVE-2019-0230
Apache Struts 2 Forced Multi OGNL Evaluation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
10Exploited in Wild
-Decision
Descriptions
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Apache Struts versiones 2.0.0 hasta 2.5.20, forzó una evaluación OGNL doble, cuando se evaluaba en la entrada del usuario sin procesar en los atributos de la etiqueta, puede conllevar a una ejecución de código remota
The Apache Struts framework, when forced, performs double evaluation of attribute values assigned to certain tags attributes such as id. It is therefore possible to pass in a value to Struts that will be evaluated again when a tag's attributes are rendered. With a carefully crafted request, this can lead to remote code execution. This vulnerability is application dependant. A server side template must make an affected use of request data to render an HTML tag attribute.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-11-14 CVE Reserved
- 2020-08-13 First Exploit
- 2020-09-14 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CAPEC
References (22)
| URL | Date | SRC |
|---|---|---|
| https://www.oracle.com/security-alerts/cpuApr2021.html | 2023-11-07 | |
| https://www.oracle.com/security-alerts/cpujan2021.html | 2023-11-07 | |
| https://www.oracle.com/security-alerts/cpuoct2021.html | 2023-11-07 |
| URL | Date | SRC |
|---|---|---|
| https://cwiki.apache.org/confluence/display/ww/s2-059 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Struts Search vendor "Apache" for product "Struts" | >= 2.0.0 <= 2.5.20 Search vendor "Apache" for product "Struts" and version " >= 2.0.0 <= 2.5.20" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Communications Policy Management Search vendor "Oracle" for product "Communications Policy Management" | 12.5.0 Search vendor "Oracle" for product "Communications Policy Management" and version "12.5.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Financial Services Data Integration Hub Search vendor "Oracle" for product "Financial Services Data Integration Hub" | 8.0.3 Search vendor "Oracle" for product "Financial Services Data Integration Hub" and version "8.0.3" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Financial Services Data Integration Hub Search vendor "Oracle" for product "Financial Services Data Integration Hub" | 8.0.6 Search vendor "Oracle" for product "Financial Services Data Integration Hub" and version "8.0.6" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Financial Services Market Risk Measurement And Management Search vendor "Oracle" for product "Financial Services Market Risk Measurement And Management" | 8.0.6 Search vendor "Oracle" for product "Financial Services Market Risk Measurement And Management" and version "8.0.6" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Enterprise Monitor Search vendor "Oracle" for product "Mysql Enterprise Monitor" | <= 8.0.23 Search vendor "Oracle" for product "Mysql Enterprise Monitor" and version " <= 8.0.23" | - |
Affected
| ||||||