CVE-2023-50164 - OpenCVE

An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Struts

Configuration 1 [-]

OR	cpe:2.3:a:apache:struts::::::::
	cpe:2.3:a:apache:struts::::::::

References

Link	Resource
http://packetstormsecurity.com/files/176157/Struts-S2-066-File-Upload-Remote-Code-Execution.html	Third Party Advisory VDB Entry
https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj	Mailing List Patch
https://security.netapp.com/advisory/ntap-20231214-0010/	Third Party Advisory VDB Entry
https://www.openwall.com/lists/oss-security/2023/12/07/1	Mailing List

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2023-12-07T08:49:19.853Z

Updated: 2023-12-12T09:26:34.588Z

Reserved: 2023-12-04T08:37:57.468Z

Link: CVE-2023-50164

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-12-07T09:15:07.060

Modified: 2023-12-20T17:58:26.917

Link: CVE-2023-50164

JSON object: View

Redhat Information

No data.

CWE

CWE-552

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-50164", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-12-04T08:37:57.468Z", "datePublished": "2023-12-07T08:49:19.853Z", "dateUpdated": "2023-12-12T09:26:34.588Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected", "packageName": "org.apache.struts", "product": "Apache Struts", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "2.5.32", "status": "affected", "version": "2.0.0", "versionType": "semver"}, {"lessThanOrEqual": "6.3.0.1", "status": "affected", "version": "6.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Steven Seeley of Source Incite"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.</span><br>Users are recommended to upgrade to versions <span style=\"background-color: rgb(255, 255, 255);\">Struts 2.5.33 or Struts 6.3.0.2 or greater to</span> fix this issue.<br>"}], "value": "An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.\nUsers are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to\u00a0fix this issue.\n"}], "metrics": [{"other": {"content": {"text": "critical"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2023-12-12T09:26:34.588Z"}, "references": [{"tags": ["vendor-advisory", "mailing-list"], "url": "https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj"}, {"url": "https://www.openwall.com/lists/oss-security/2023/12/07/1"}, {"url": "http://packetstormsecurity.com/files/176157/Struts-S2-066-File-Upload-Remote-Code-Execution.html"}, {"url": "https://security.netapp.com/advisory/ntap-20231214-0010/"}], "source": {"discovery": "EXTERNAL"}, "title": "Apache Struts: File upload component had a directory traversal vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE174994-63BE-4A3F-A986-7903868FCE23", "versionEndExcluding": "2.5.33", "versionStartIncluding": "2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBE0443B-320B-4C29-83DC-624546AEE6D5", "versionEndExcluding": "6.3.0.2", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.\nUsers are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to\u00a0fix this issue.\n"}, {"lang": "es", "value": "Un atacante puede manipular los par\u00e1metros de carga de archivos para permitir path traversal y, en algunas circunstancias, esto puede provocar la carga de un archivo malicioso que puede usarse para realizar la ejecuci\u00f3n remota de c\u00f3digo. Se recomienda a los usuarios actualizar a las versiones Struts 2.5.33 o Struts 6.3.0.1 o superior para solucionar este problema."}], "id": "CVE-2023-50164", "lastModified": "2023-12-20T17:58:26.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-07T09:15:07.060", "references": [{"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/176157/Struts-S2-066-File-Upload-Remote-Code-Execution.html"}, {"source": "security@apache.org", "tags": ["Mailing List", "Patch"], "url": "https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj"}, {"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://security.netapp.com/advisory/ntap-20231214-0010/"}, {"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2023/12/07/1"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "security@apache.org", "type": "Primary"}]}