7.5
CVSSv3

CVE-2015-5209

Published: 29/08/2017 Updated: 01/07/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

Apache Struts 2.x prior to 2.3.24.1 allows remote malicious users to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache struts 2.3.1.1

apache struts 2.0.9

apache struts 2.3.5

apache struts 2.0.12

apache struts 2.2.3.1

apache struts 2.1.0

apache struts 2.3.20.2

apache struts 2.3.15

apache struts 2.0.0

apache struts 2.3.14

apache struts 2.0.8

apache struts 2.0.7

apache struts 2.0.4

apache struts 2.3.13

apache struts 2.2.1

apache struts 2.3.16

apache struts 2.3.17

apache struts 2.3.22

apache struts 2.3.9

apache struts 2.1.8.1

apache struts 2.3.3

apache struts 2.3.16.3

apache struts 2.3.4

apache struts 2.1.3

apache struts 2.3.23

apache struts 2.3.6

apache struts 2.1.2

apache struts 2.1.5

apache struts 2.0.1

apache struts 2.3.15.2

apache struts 2.3.14.3

apache struts 2.3.19

apache struts 2.0.2

apache struts 2.1.8

apache struts 2.3.4.1

apache struts 2.3.20.1

apache struts 2.0.11.1

apache struts 2.3.8

apache struts 2.3.7

apache struts 2.3.24

apache struts 2.0.3

apache struts 2.3.14.2

apache struts 2.0.14

apache struts 2.3.10

apache struts 2.3.15.1

apache struts 2.3.1

apache struts 2.0.11

apache struts 2.3.16.2

apache struts 2.1.6

apache struts 2.0.5

apache struts 2.2.3

apache struts 2.3.12

apache struts 2.1.4

apache struts 2.2.1.1

apache struts 2.0.11.2

apache struts 2.0.13

apache struts 2.3.1.2

apache struts 2.3.21

apache struts 2.3.20

apache struts 2.3.11

apache struts 2.3.15.3

apache struts 2.3.16.1

apache struts 2.1.1

apache struts 2.0.6

apache struts 2.0.10

apache struts 2.3.14.1