CVE-2014-7809

Published: 10/12/2014 Updated: 09/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Apache Struts 2.0.0 up to and including 2.3.x prior to 2.3.20 uses predictable <s:token/> values, which allows remote malicious users to bypass the CSRF protection mechanism.

Vendor Advisories

Oracle Critical Patch Update Advisory - April 2015. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch ...
Oracle Critical Patch Update Advisory - October 2016. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previou ...
Oracle Critical Patch Update Advisory - July 2015. Description: A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch U ...

Github Repositories

Proof of concept code to predict Struts2 CSRF Token < 2.3.20

Proof of concept code to predict Struts CSRF token [S2-023]. For a complete explanation, you can read: Predicting Struts CSRF Token (CVE-2014-7809). Execution preview: == Initial token H6P3Y3GHIC2865ASZVQ913NR93QZO7BR == Initial token in hex (easier evaluation) 14b08fcbf6523eecd7dd7d3e89cf97d6f478db5617 Guessing part == bytes representation (reconstructed byte array) 14b08fc

Identify vulnerable libraries in Maven dependencies

Maven Security Versions: identify vulnerable libraries in Maven dependencies. The plugin is based on versions-maven-plugin. It uses the victims database as the source for CVEs and Maven artifact mapping. Usage: > mvn com.redhat.victims.maven:security-versions:check [INFO] Scanning for projects [INFO] [INFO] -----------------------------------------------------------------