CVE-2016-6308

Risk Scores

Affected Products

…and 67 more

Exploit Intelligence

• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
• Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)

…and 722 more exploits

Timeline

• CVE Published
• May 25, 2017 PoC Published
• Oct 2, 2020 PoC Published
• Nov 6, 2020 PoC Published
• Sep 6, 2021 PoC Published
• Feb 4, 2022 EPSS Score
• May 8, 2023 EPSS Score
• Jul 18, 2023 EPSS Score
• Oct 9, 2023 EPSS Score
• Nov 8, 2023 EPSS Score
• Mar 8, 2024 EPSS Score
• Oct 9, 2024 PoC Published

References

• https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2024-0209.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0209 advisory
• https://www.openssl.org/news/secadv/20160922.txt advisory
• https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc advisory
• http://www.ubuntu.com/usn/usn-3087-2/ advisory
• https://www.suse.com/de-de/support/update/announcement/2016/suse-su-20162387-1.html advisory
• https://access.redhat.com/errata/RHSA-2016:1940 advisory
• https://www.suse.com/support/update/announcement/2016/suse-su-20162394-1.html advisory
• http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20OpenSSL%20Affecting%20Cisco%20Products:%20September%202016&vs_k=1 advisory
• https://www.suse.com/support/update/announcement/2016/suse-su-20162458-1.html advisory
• http://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24 advisory
• https://support.f5.com/kb/en-us/solutions/public/k/13/sol13167034.html?ref=rss advisory
• https://kb.bluecoat.com/security-advisory/sa132 advisory
• https://www.suse.com/support/update/announcement/2016/suse-su-20162468-1.html advisory
• https://www.suse.com/support/update/announcement/2016/suse-su-20162469-1.html advisory
• https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759&cat=SIRT_1&actp=LIST advisory
• https://support.f5.com/kb/en-us/solutions/public/k/90/sol90492697.html advisory
• https://www.suse.com/support/update/announcement/2016/suse-su-20162545-1.html advisory
• http://www.tenable.com/security/tns-2016-16 advisory
• https://support.f5.com/kb/en-us/solutions/public/k/59/sol59298921.html?ref=rss advisory

…and 62 more