Intrusion Prevention

Apache.Struts2.Framework.Remote.Code.Execution

Description

This indicates attack attempts against multiple Arbitrary Code execution vulnerabilities in Apache Struct2 framework.
The vulnerabilities are caused because the user input filters fail to properly sanitize some parameter values that is passed to server. An attacker may include shell commands or arbitrary Java codes by supplying an injection string through the URL and a good string through GET or cookies. Successful attacks may allow an attacker to execute Java code or shell command on a vulnerable system.

Affected Products

Struts 2.2.1.1, 2.2.3.1 and 2.3.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the web site.
http://struts.apache.org/download.cgi#struts2311