Apache.Struts.2.REST.Plugin.XStream.Handler.DoS

description-logoDescription

This indicates an attack attempt against a Denial-Of-Service vulnerability in Apache Struts.
The vulnerability is caused by an error when the vulnerable software handles maliciously crafted packets. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system, via a crafted packet.

affected-products-logoAffected Products

Apache Software Foundation Struts 2.5 through 2.5.12
Apache Software Foundation Struts 2.3.7 through 2.3.33
XStream XStream prior to 1.4.10

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://struts.apache.org/docs/s2-051.html
http://x-stream.github.io/CVE-2017-7957.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)