Summary

Possible path traversal in the Convention plugin

Who should read this

All Struts 2 developers and users

Impact of vulnerability

Possible path traversal in the Convention plugin in Struts 2.3.20 - 2.3.30

Maximum security rating

Important

Recommendation

Upgrade to Struts 2.3.31 or Struts 2.5.5

Affected Software

Struts 2.3.1 - 2.3.30

Struts 2.5 - 2.5.2

Reporter

Takeshi Terada of Mitsui Bussan Secure Directions, Inc.

CVE Identifier

CVE-2016-6795

Problem

It is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side.

Solution

Upgrade to Apache Struts version 2.3.31 or 2.5.5 when you are using with the Convention plugin.

Backward compatibility

No backward incompatibility issues are expected.

Workaround

There is no known workaround for this vulnerability, please upgrade to the mentioned Struts versions.


  • No labels