Intrusion PreventionApache.Struts.2.Dynamic.Method.Invocation.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution vulnerability in Apache Struts 2.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.
Affected Products
Struts 2.3.20 - Struts Struts 2.3.28 (except 2.3.20.2 and 2.3.24.2)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's advisory for updates:
https://struts.apache.org/docs/s2-032.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-11-18 | 16.964 | Sig Added |
| 2019-06-10 | 14.629 | Severity:critical:high |
| ID | 42359 |
| Created | Apr 29, 2016 |
| Updated | Nov 17, 2020 |
| Risk |
|
| CVE ID | CVE-2016-3081 |
| Exploit Prediction Score | 97.52% |
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | Apache |