CVE-2016-3081 Apache Struts 2 security vulnerability

Related Vulnerabilities: CVE-2016-3081  


  • Article Number: 000008684
  • Products: Email Security Gateway, Forcepoint I Series Appliance, Forcepoint V10000 Appliance, Forcepoint V5000 Appliance, Forcepoint X Series Appliance, Insider Threat, Next Generation Firewall (NGFW), Sidewinder, TRITON RiskVision, Threat Protection, Threat Protection for Linux, Web Filter & Security, Web Security Gateway, Web Security and Web Filter
  • Version:
  • Last Published Date: May 16, 2016

Problem Description

The following security vulnerability has been under investigation by Forcepoint Engineering since May 2, 2016.

Last update: May 16, 2016


Description of vulnerability

From CVE website: Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.

The Apache Struts 2 documentation site describes the vulnerability as follows in its Security Bulletin S2-032:

It is possible to pass a malicious expression which can be used to execute arbitrary code on server side when Dynamic Method Invocation is enabled.

See http://struts.apache.org/docs/s2-032.html for more details.
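
The two conditions in the description above (a release older than the fixed versions, and Dynamic Method Invocation enabled) can be checked against a deployment's Struts version and struts.xml. The following is an added example, not code from Forcepoint or the Apache Struts project. The function names and the sample configuration are constructed for illustration, and releases on branches the CVE text does not name are treated as affected below 2.3.28.1 as a conservative assumption.

```python
import re
import xml.etree.ElementTree as ET

DMI_CONSTANT = "struts.enable.DynamicMethodInvocation"
# First fixed release on each branch named in the CVE text quoted above.
FIXED = {(2, 3, 20): (2, 3, 20, 2), (2, 3, 24): (2, 3, 24, 2)}
LAST_FIX = (2, 3, 28, 1)

def parse_version(text):
    """'2.3.24.1' -> (2, 3, 24, 1); missing components count as 0."""
    parts = [int(p) for p in re.findall(r"\d+", text)[:4]]
    return tuple(parts + [0] * (4 - len(parts)))

def version_affected(text):
    v = parse_version(text)
    if v[0] != 2:
        return False
    # Assumption: releases on branches the CVE text does not name are
    # treated as affected until they reach 2.3.28.1.
    return v < FIXED.get(v[:3], LAST_FIX)

def dmi_setting(struts_xml):
    """True/False if struts.xml sets the constant explicitly, else None."""
    root = ET.fromstring(struts_xml)
    for const in root.iter("constant"):
        if const.get("name") == DMI_CONSTANT:
            return const.get("value", "").strip().lower() == "true"
    return None

def assess(version, struts_xml):
    if not version_affected(version):
        return "not affected"
    dmi = dmi_setting(struts_xml)
    if dmi is True:
        return "exposed: upgrade or disable DMI"
    if dmi is False:
        return "affected version, DMI disabled: upgrade"
    return "affected version, DMI not set in struts.xml: check defaults"

# Constructed sample configuration, not taken from any product.
SAMPLE_XML = """<struts>
  <constant name="struts.enable.DynamicMethodInvocation" value="true"/>
  <package name="default" extends="struts-default"/>
</struts>"""

if __name__ == "__main__":
    for ver in ("2.3.20.1", "2.3.24.1", "2.3.24.2", "2.3.28", "2.3.28.1"):
        print(ver, "->", assess(ver, SAMPLE_XML))
```

When the constant is absent from struts.xml, the effective value comes from struts.properties or the release's built-in default, so that result calls for a manual check rather than a pass.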

What is the risk to Forcepoint products?

The following are considered not vulnerable:
 
  • Data Security Suite, TRITON AP-DATA
  • TRITON AP-ENDPOINT Web and TRITON AP-ENDPOINT DLP
  • TRITON management server
  • i-Series Appliance
  • TRITON AP-EMAIL and Email Security Gateway
  • TRITON AP-WEB (on-premises) and Web Security Gateway
  • V-Series and X-Series Appliance platforms
  • Web Filter, Web Security
  • RiskVision
  • SureView Insider Threat
  • SureView Threat Protection
  • Threat Protection for Linux
  • Sidewinder
  • Stonesoft Next Generation Firewall
  • TRITON AP-EMAIL (cloud) and TRITON AP-WEB (cloud)

