VDB
BDU%3A2020-02964
BDU%3A2020-02964
PUBLISHED
CVSS 8.5 HIGH
Уязвимость функции X509_NAME_oneline (crypto/x509/x509_obj.c) библиотеки OpenSSL, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным или вызвать отказ в обслуживании
Risk Scores
CVSS 2.0
8.5
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Сообщество свободного программного обеспечения, Novell Inc., ООО «РусБИТех-Астра», OpenSSL Software Foundation | Debian GNU/Linux, OpenSUSE Leap, Suse Linux Enterprise Desktop, SUSE Linux Enterprise Software Development Kit, Suse Linux Enterprise Server, Astra Linux Common Edition (запись в едином реестре российских программ №4433), SUSE Linux Enterprise Module for Basesystem, SUSE Linux Enterprise Module for Legacy Software, SUSE Linux Enterprise High Performance Computing, openSUSE Tumbleweed, SUSE Linux Enterprise Server for Raspberry Pi, OpenSSL |
Exploit Intelligence
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
- A practical lab demonstrating the exploitation of a critical Remote Code Execution (RCE) vulnerability in Apache Struts2 (CVE-2017-5638) using Vulhub Docker environments. Includes setup instructions and commands to run the vulnerable container. (github-poc)
- A practical lab demonstrating the exploitation of a critical Remote Code Execution (RCE) vulnerability in Apache Struts2 (CVE-2017-5638) using Vulhub Docker environments. Includes setup instructions and commands to run the vulnerable container. (github-poc)
- ACharaf06/CVE-2017-5638-Attack-and-Defense (github-poc)
- ACharaf06/CVE-2017-5638-Attack-and-Defense (github-poc)
- CVE-2017-5638- PoC (github-poc)
- CVE-2017-5638- PoC (github-poc)
…and 176 more exploits
Timeline
- Jun 26, 2020 CVE Published
- Oct 2, 2020 PoC Published
- Nov 6, 2020 PoC Published
- Sep 6, 2021 PoC Published
- Oct 9, 2024 PoC Published
- Dec 12, 2024 PoC Published
- Mar 28, 2025 PoC Published
- Sep 26, 2025 PoC Published