A Vulnerability in Apache Struts 2 Could Allow for Remote Code Execution | allinfosecnews.com

Dec. 11, 2023, 4:16 p.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in Apache Struts 2, which could allow for remote code execution. Apache Struts 2 is an open-source web application framework for developing Java EE web applications. Successful exploitation could allow for remote code execution in the context of underlying operating system. Depending on the privileges associated with the logged on user, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system …

apache apache struts application applications code code execution context exploitation framework java operating system remote code remote code execution struts struts 2 system vulnerability web web application web applications

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 day, 11 hours ago | www.cisecurity.org

arbitrary code arbitrary code execution attacker chrome +9

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 week ago | www.cisecurity.org

arbitrary code arbitrary code execution attacker chrome +9

Oracle Quarterly Critical Patches Issued April 16, 2024 2 weeks ago | www.cisecurity.org

april code code execution critical +7

Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 2 weeks ago | www.cisecurity.org

authentication avalanche code code execution +23

Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 2 weeks ago | www.cisecurity.org

attacker chrome code code execution +9

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 2 weeks, 1 day ago | www.cisecurity.org

access arbitrary code arbitrary code execution browser +17

A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 2 weeks, 5 days ago | www.cisecurity.org

alto arbitrary code arbitrary code execution code +16

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 3 weeks ago | www.cisecurity.org

arbitrary code arbitrary code execution attacker chrome +9

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 3 weeks, 1 day ago | www.cisecurity.org

adobe adobe after effects adobe commerce after effects +14

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;

View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya

View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia

View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States

View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote

View on infosec-jobs.com