Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2014-7809

Published: 10/12/2014 Updated: 09/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 607
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Apache

Vulnerability Summary

Apache Struts 2.0.0 up to and including 2.3.x prior to 2.3.20 uses predictable <s:token/> values, which allows remote malicious users to bypass the CSRF protection mechanism.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

apache struts 2.0.1

apache struts 2.0.10

apache struts 2.0.11

apache struts 2.0.3

apache struts 2.0.4

apache struts 2.1.1

apache struts 2.1.2

apache struts 2.2.1.1

apache struts 2.2.3

apache struts 2.3.14.1

apache struts 2.3.14.2

apache struts 2.3.16.1

apache struts 2.3.16.2

apache struts 2.0.12

apache struts 2.0.13

apache struts 2.0.7

apache struts 2.0.8

apache struts 2.1.5

apache struts 2.1.6

apache struts 2.3.1.1

apache struts 2.3.1.2

apache struts 2.3.15.1

apache struts 2.3.15.2

apache struts 2.3.4

apache struts 2.3.4.1

apache struts 2.3.7

apache struts 2.0.11.1

apache struts 2.0.11.2

apache struts 2.0.5

apache struts 2.0.6

apache struts 2.1.3

apache struts 2.1.4

apache struts 2.2.3.1

apache struts 2.3.1

apache struts 2.3.14.3

apache struts 2.3.15

apache struts 2.3.16.3

apache struts 2.3.3

apache struts 2.0.0

apache struts 2.0.14

apache struts 2.0.2

apache struts 2.0.9

apache struts 2.1.0

apache struts 2.1.8

apache struts 2.1.8.1

apache struts 2.2.1

apache struts 2.3.12

apache struts 2.3.14

apache struts 2.3.15.3

apache struts 2.3.16

apache struts 2.3.8

Vendor Advisories

Oracle: Oracle Critical Patch Update Advisory - April 2015
Oracle Critical Patch Update Advisory - April 2015 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory Thus, prior Critical Patch ...
Oracle: Oracle Critical Patch Update Advisory - October 2016
Oracle Critical Patch Update Advisory - October 2016 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previou ...
Oracle: Oracle Critical Patch Update Advisory - July 2015
Oracle Critical Patch Update Advisory - July 2015 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory Thus, prior Critical Patch U ...

Github Repositories

struts-csrf-cracker

Proof of concept code to predict Struts2 CSRF Token < 2.3.20

Proof of concept code to predict Struts CSRF token [S2-023] For a complete explanation, you can read : Predicting Struts CSRF Token (CVE-2014-7809) Execution preview: == Initial token H6P3Y3GHIC2865ASZVQ913NR93QZO7BR == Initial token in hex (easier evaluation) 14b08fcbf6523eecd7dd7d3e89cf97d6f478db5617 Guessing part == bytes representation (reconstructed byte array) 14b08fc

-maven-security-versions

Maven Security Versions Identify vulnerable libraries in Maven dependencies The plugin is based on versions-maven-plugin It use the victims database has source for CVEs and Maven artifact mapping Usage &gt; mvn comredhatvictimsmaven:security-versions:check [INFO] Scanning for projects [INFO] [INFO] -----------------------------------------------------------------

maven-security-versions-Travis

Maven Security Versions Identify vulnerable libraries in Maven dependencies The plugin is based on versions-maven-plugin It use the victims database has source for CVEs and Maven artifact mapping Usage &gt; mvn comredhatvictimsmaven:security-versions:check [INFO] Scanning for projects [INFO] [INFO] -----------------------------------------------------------------

victims

Maven Security Versions Identify vulnerable libraries in Maven dependencies The plugin is based on versions-maven-plugin It use the victims database has source for CVEs and Maven artifact mapping Usage &gt; mvn comredhatvictimsmaven:security-versions:check [INFO] Scanning for projects [INFO] [INFO] -----------------------------------------------------------------

victims

Maven Security Versions Identify vulnerable libraries in Maven dependencies The plugin is based on versions-maven-plugin It use the victims database has source for CVEs and Maven artifact mapping Usage &gt; mvn comredhatvictimsmaven:security-versions:check [INFO] Scanning for projects [INFO] [INFO] -----------------------------------------------------------------

maven-security-versions

Identify vulnerable libraries in Maven dependencies

Maven Security Versions Identify vulnerable libraries in Maven dependencies The plugin is based on versions-maven-plugin It use the victims database has source for CVEs and Maven artifact mapping Usage &gt; mvn comredhatvictimsmaven:security-versions:check [INFO] Scanning for projects [INFO] [INFO] -----------------------------------------------------------------

References

CWE-352http://struts.apache.org/docs/s2-023.htmlhttp://packetstormsecurity.com/files/129421/Apache-Struts-2.3.20-Security-Fixes.htmlhttp://www.securitytracker.com/id/1031309http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.htmlhttp://www.securityfocus.com/bid/71548http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlhttp://www.securityfocus.com/archive/1/534175/100/0/threadedhttps://github.com/h3xstream/struts-csrf-crackerhttps://nvd.nist.govhttps://www.securityfocus.com/bid/71548http://tools.cisco.com/security/center/viewAlert.x?alertId=38390
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remoteCVE-2022-47986CVE-2023-20963CVE-2023-1013CVE-2022-43628CVE-2023-1014log injectionCVE-2022-43639SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook