6.8
CVSSv2

CVE-2014-7809

Published: 10/12/2014 Updated: 21/11/2024

Vulnerability Summary

Apache Struts 2.0.0 up to and including 2.3.x prior to 2.3.20 uses predictable <s:token/> values, which allows remote malicious users to bypass the CSRF protection mechanism.

Vulnerable Product Search on Vulmon Subscribe to Product

apache struts 2.0.0

apache struts 2.0.1

apache struts 2.0.2

apache struts 2.0.3

apache struts 2.0.4

apache struts 2.0.5

apache struts 2.0.6

apache struts 2.0.7

apache struts 2.0.8

apache struts 2.0.9

apache struts 2.0.10

apache struts 2.0.11

apache struts 2.0.11.1

apache struts 2.0.11.2

apache struts 2.0.12

apache struts 2.0.13

apache struts 2.0.14

apache struts 2.1.0

apache struts 2.1.1

apache struts 2.1.2

apache struts 2.1.3

apache struts 2.1.4

apache struts 2.1.5

apache struts 2.1.6

apache struts 2.1.8

apache struts 2.1.8.1

apache struts 2.2.1

apache struts 2.2.1.1

apache struts 2.2.3

apache struts 2.2.3.1

apache struts 2.3.1

apache struts 2.3.1.1

apache struts 2.3.1.2

apache struts 2.3.3

apache struts 2.3.4

apache struts 2.3.4.1

apache struts 2.3.7

apache struts 2.3.8

apache struts 2.3.12

apache struts 2.3.14

apache struts 2.3.14.1

apache struts 2.3.14.2

apache struts 2.3.14.3

apache struts 2.3.15

apache struts 2.3.15.1

apache struts 2.3.15.2

apache struts 2.3.15.3

apache struts 2.3.16

apache struts 2.3.16.1

apache struts 2.3.16.2

apache struts 2.3.16.3

Github Repositories

Proof of concept code to predict Struts2 CSRF Token < 2.3.20

Proof of concept code to predict Struts CSRF token [S2-023] For a complete explanation, you can read : Predicting Struts CSRF Token (CVE-2014-7809) Execution preview: == Initial token H6P3Y3GHIC2865ASZVQ913NR93QZO7BR == Initial token in hex (easier evaluation) 14b08fcbf6523eecd7dd7d3e89cf97d6f478db5617 Guessing part == bytes representation (reconstructed byte array) 14b08fc