In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apache struts |
||
netapp oncommand balance - |
||
oracle retail xstore point of service 7.1.6 |
||
oracle retail xstore point of service 15.0.1 |
||
oracle retail xstore point of service 16.0.2 |
||
oracle jd edwards enterpriseone tools 9.2 |
||
oracle weblogic server 12.2.1.3 |
||
oracle enterprise manager for virtualization 13.2.3 |
||
oracle agile plm framework 9.3.6 |
||
oracle retail xstore point of service 6.5.11 |
||
oracle webcenter portal 12.2.1.3.0 |
||
oracle global lifecycle management opatchauto |
||
oracle financial services hedge management and ifrs valuations 8.0.4 |
||
oracle financial services hedge management and ifrs valuations 8.0.5 |
||
oracle financial services market risk measurement and management 8.0.5 |
||
oracle weblogic server 12.2.1.2 |
||
oracle enterprise manager for virtualization 13.2.2 |
||
oracle retail order broker 5.2 |
||
oracle retail xstore point of service 7.0.6 |
||
oracle webcenter portal 12.2.1.2.0 |
Vulmon