Reference:
Advisory #2018-024
Version:
1.0
Affected software:
Struts 2.3 - 2.3.34, Struts 2.5 - 2.5.16, Previous versions may also be vulnerable.
Type:
Remote code execution
CVE/CVSS:
CVE-2018-11776 Critical
The vulnerability, tracked as CVE-2018-11776, has been categorized as "Remote Code Execution" and is considered a critical issue.
An attacker could exploit this vulnerability by sending a specially crafted URL to the vulnerable web server, executing arbitrary code and potentially fully compromising the server.
A vulnerability was discovered in the Apache Struts software; the following versions are affected and should be patched: Struts 2.3 - 2.3.34 and Struts 2.5 - 2.5.16 (earlier versions may also be vulnerable).
The vulnerability (CVE-2018-11776) resides in the core of Apache Struts and results from insufficient validation of untrusted user-provided input in the framework core under certain configurations.
Your systems are vulnerable to the reported RCE flaw if your Apache Struts configuration meets the following conditions:
Remark: even if the application is currently not vulnerable, patching is strongly recommended so that a later configuration change cannot turn it into a vulnerable system.
Note: A proof of concept for the vulnerability has been published!
CERT.be recommends that system administrators upgrade their systems to Apache Struts version 2.3.35 or 2.5.17. Even if the application is currently not vulnerable, an inadvertent change to a Struts configuration file could render the application vulnerable in the future.
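The following script is an added example, not CERT.be's or the Apache Struts project's own tooling. It does two things a practitioner would want after reading this advisory: it walks a directory tree (for example an application server's deployment root), finds `struts2-core-*.jar` files and flags any version below the fixed releases 2.3.35 and 2.5.17 named above (treating older branches as affected, since the advisory says earlier versions may also be vulnerable, and assuming later branches carry the fix); and it checks a `struts.xml` for the `struts.mapper.alwaysSelectFullNamespace` constant. This page does not list the configuration conditions it refers to; that constant is taken from the upstream Apache Struts advisory for this CVE (S2-057) and is included here as an assumption about what "certain configurations" means. The sample XML fragments are constructed for the example.

```python
"""Inventory check for CVE-2018-11776 (Apache Struts S2-057).

Added example, not CERT.be's or the Struts project's code.
Assumptions: jars are named struts2-core-<major>.<minor>.<patch>.jar, and
the configuration flag below (from upstream advisory S2-057) is what this
advisory calls "certain configurations".
"""
import os
import re
import sys
import xml.etree.ElementTree as ET
from typing import Iterator, Optional, Tuple

Version = Tuple[int, int, int]

# First fixed release on each supported branch, as stated in the advisory.
FIXED_2_3: Version = (2, 3, 35)
FIXED_2_5: Version = (2, 5, 17)

# Struts setting that makes the namespace part of the URL reach the vulnerable
# code path (upstream S2-057; assumption about this page's "certain configurations").
RISKY_CONSTANT = "struts.mapper.alwaysSelectFullNamespace"

_JAR_RE = re.compile(r"^struts2-core-(\d+)\.(\d+)\.(\d+)(?:[.-].*)?\.jar$")


def parse_version(jar_name: str) -> Optional[Version]:
    """Return (major, minor, patch) for a struts2-core jar filename, else None."""
    m = _JAR_RE.match(jar_name)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_vulnerable(version: Version) -> bool:
    """True if this Struts 2 version predates the fix for CVE-2018-11776.

    2.5.0-2.5.16 and everything below 2.3.35 (including older branches, which
    the advisory says may also be vulnerable) are treated as affected.
    2.3.35+ on the 2.3 line and 2.5.17+ are fixed; anything newer than the
    2.5 line is assumed to have been released with the fix.
    """
    if version >= FIXED_2_5:
        return False
    if version >= (2, 5, 0):
        return True
    if version >= FIXED_2_3:
        return False
    return True


def scan_jars(root: str) -> Iterator[Tuple[str, Version, bool]]:
    """Walk root and yield (path, version, vulnerable) for each struts2-core jar."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            version = parse_version(name)
            if version is not None:
                yield os.path.join(dirpath, name), version, is_vulnerable(version)


def full_namespace_enabled(struts_xml: str) -> bool:
    """True if struts.xml sets struts.mapper.alwaysSelectFullNamespace to true.

    Note: the same constant can also be set in struts.properties or via
    system properties; this only inspects the XML given to it.
    """
    root = ET.fromstring(struts_xml)
    for const in root.iter("constant"):
        if const.get("name") == RISKY_CONSTANT:
            return const.get("value", "").strip().lower() == "true"
    return False


# Constructed sample configurations (not taken from any real deployment).
SAMPLE_RISKY_XML = """<struts>
  <constant name="struts.mapper.alwaysSelectFullNamespace" value="true"/>
  <package name="default" extends="struts-default">
    <action name="index" class="com.example.IndexAction"/>
  </package>
</struts>"""

SAMPLE_SAFE_XML = """<struts>
  <constant name="struts.mapper.alwaysSelectFullNamespace" value="false"/>
  <package name="default" namespace="/app" extends="struts-default">
    <action name="index" class="com.example.IndexAction"/>
  </package>
</struts>"""


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, version, vulnerable in scan_jars(target):
        status = "VULNERABLE - upgrade to 2.3.35 / 2.5.17" if vulnerable else "ok"
        print(f"{path}: {'.'.join(map(str, version))} {status}")
```

Run it against a deployment root (`python struts_check.py /opt/tomcat/webapps`). A finding on the jar version alone is enough to act on: per the advisory, patch regardless of whether `alwaysSelectFullNamespace` is currently set, since a later configuration change would otherwise expose the application.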