CVE-2017-9793 is a vulnerability in Apache Struts
Published on September 20, 2017

The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload.

Vendor Advisory NVD

Products Associated with CVE-2017-9793

Want to know whenever a new CVE is published for Apache Struts? stack.watch will email you.

Apache Struts

Affected Versions

Apache Software Foundation Apache Struts:

Version 2.3.7 - 2.3.33 is affected.
Version 2.5 - 2.5.12 is affected.
Version 2.1.x series is affected.

Exploit Probability

EPSS

7.94%

Percentile

91.92%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2017-9793 is a vulnerability in Apache StrutsPublished on September 20, 2017

Products Associated with CVE-2017-9793

Affected Versions

Exploit Probability

CVE-2017-9793 is a vulnerability in Apache Struts
Published on September 20, 2017