VDB
CVE-2017-15707
CVE-2017-15707
PUBLISHED
CVSS 6.199999809265137 MEDIUM
Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
EPSS 1.53% · 81.7th percentile
Risk Scores
CVSS 3.0
6.199999809265137
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
1.53%
81.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| oracle | enterprise_manager_for_virtualization | 13.2.3, 13.2.2 |
| oracle | retail_xstore_point_of_service | 7.1.6, 7.0.6, 16.0.2 |
| oracle | weblogic_server | 12.2.1.3, 12.2.1.2 |
| apache | struts | 2.5 |
| Apache Software Foundation | Apache Struts | * |
| oracle | global_lifecycle_management_opatchauto | |
| oracle | webcenter_portal | 12.2.1.2.0, 12.2.1.3.0 |
| netapp | oncommand_balance | |
| Apache | Struts | |
| oracle | financial_services_market_risk_measurement_and_management | 8.0.5 |
| oracle | jd_edwards_enterpriseone_tools | 9.2 |
| oracle | financial_services_hedge_management_and_ifrs_valuations | 8.0.4, 8.0.5 |
| oracle | retail_order_broker | 5.2 |
| Maven | org.apache.struts:struts2-rest-plugin | 2.5.0 |
| oracle | agile_plm_framework | 9.3.6 |
Exploit Intelligence
- https://cwiki.apache.org/confluence/display/WW/S2-054 (circl)
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html (circl)
- 1039946 (circl)
- 102021 (circl)
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html (circl)
- https://security.netapp.com/advisory/ntap-20171214-0001/ (circl)
- Apache Struts2 S2-054 DoS Vulnerability (0day-today)
- Apache Struts2 S2-054 DoS Vulnerability (0day-today)
Timeline
- Dec 1, 2017 CVE Published
- Dec 2, 2017 PoC Published
- Apr 26, 2019 CVE Updated
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://cwiki.apache.org/confluence/display/WW/S2-054 url
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html url
- 1039946 vdb
- 102021 vdb
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html url
- https://security.netapp.com/advisory/ntap-20171214-0001/ url
- https://cwiki.apache.org/confluence/display/WW/s2-055 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-15707 advisory
- https://github.com/advisories/GHSA-xcrm-qpp8-hcw4 advisory
- https://security.netapp.com/advisory/ntap-20171214-0001 url