Test Kennung:	1.3.6.1.4.1.25623.1.0.107824
Kategorie:	Huawei
Titel:	Huawei Data Communication: RCE Vulnerability in Jackson JSON library of Apache Struts2 (huawei-sa-20180228-01-struts)
Zusammenfassung:	Apache Struts2 released a remote code execution (RCE); vulnerability in S2-055 on the official website.;; This VT has been deprecated and is therefore no longer functional.
Beschreibung:	Summary: Apache Struts2 released a remote code execution (RCE) vulnerability in S2-055 on the official website. This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: Apache Struts2 released a remote code execution vulnerability in S2-055 on the official website. An attacker is possible to perform a Remote Code Execution(RCE) attack with a malicious JSON packet. (Vulnerability ID: HWPSIRT-2017-12002)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-7525.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. Vulnerability Impact: An attacker is possible to perform a RCE (Remote Code Execution) attack with a malicious JSON packet. Affected Software/OS: eSDK versions 3.1.0 3.1.0.SPC100 Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7525 BugTraq ID: 99623 http://www.securityfocus.com/bid/99623 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://bugzilla.redhat.com/show_bug.cgi?id=1462702 https://cwiki.apache.org/confluence/display/WW/S2-055 https://github.com/FasterXML/jackson-databind/issues/1599 https://github.com/FasterXML/jackson-databind/issues/1723 https://security.netapp.com/advisory/ntap-20171214-0002/ https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Debian Security Information: DSA-4004 (Google Search) https://www.debian.org/security/2017/dsa-4004 https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E RedHat Security Advisories: RHSA-2017:1834 https://access.redhat.com/errata/RHSA-2017:1834 RedHat Security Advisories: RHSA-2017:1835 https://access.redhat.com/errata/RHSA-2017:1835 RedHat Security Advisories: RHSA-2017:1836 https://access.redhat.com/errata/RHSA-2017:1836 RedHat Security Advisories: RHSA-2017:1837 https://access.redhat.com/errata/RHSA-2017:1837 RedHat Security Advisories: RHSA-2017:1839 https://access.redhat.com/errata/RHSA-2017:1839 RedHat Security Advisories: RHSA-2017:1840 https://access.redhat.com/errata/RHSA-2017:1840 RedHat Security Advisories: RHSA-2017:2477 https://access.redhat.com/errata/RHSA-2017:2477 RedHat Security Advisories: RHSA-2017:2546 https://access.redhat.com/errata/RHSA-2017:2546 RedHat Security Advisories: RHSA-2017:2547 https://access.redhat.com/errata/RHSA-2017:2547 RedHat Security Advisories: RHSA-2017:2633 https://access.redhat.com/errata/RHSA-2017:2633 RedHat Security Advisories: RHSA-2017:2635 https://access.redhat.com/errata/RHSA-2017:2635 RedHat Security Advisories: RHSA-2017:2636 https://access.redhat.com/errata/RHSA-2017:2636 RedHat Security Advisories: RHSA-2017:2637 https://access.redhat.com/errata/RHSA-2017:2637 RedHat Security Advisories: RHSA-2017:2638 https://access.redhat.com/errata/RHSA-2017:2638 RedHat Security Advisories: RHSA-2017:3141 https://access.redhat.com/errata/RHSA-2017:3141 RedHat Security Advisories: RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3454 RedHat Security Advisories: RHSA-2017:3455 https://access.redhat.com/errata/RHSA-2017:3455 RedHat Security Advisories: RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017:3456 RedHat Security Advisories: RHSA-2017:3458 https://access.redhat.com/errata/RHSA-2017:3458 RedHat Security Advisories: RHSA-2018:0294 https://access.redhat.com/errata/RHSA-2018:0294 RedHat Security Advisories: RHSA-2018:0342 https://access.redhat.com/errata/RHSA-2018:0342 RedHat Security Advisories: RHSA-2018:1449 https://access.redhat.com/errata/RHSA-2018:1449 RedHat Security Advisories: RHSA-2018:1450 https://access.redhat.com/errata/RHSA-2018:1450 RedHat Security Advisories: RHSA-2019:0910 https://access.redhat.com/errata/RHSA-2019:0910 RedHat Security Advisories: RHSA-2019:2858 https://access.redhat.com/errata/RHSA-2019:2858 RedHat Security Advisories: RHSA-2019:3149 https://access.redhat.com/errata/RHSA-2019:3149 http://www.securitytracker.com/id/1039744 http://www.securitytracker.com/id/1039947 http://www.securitytracker.com/id/1040360
Copyright	Copyright (C) 2020 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.