6.2

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-15707

GHSA ID

GHSA-xcrm-qpp8-hcw4

EPSS Score

0.84623%

CWE

CWE-20

Published

10/16/2018

Updated

1/9/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-15707

CVE-2017-15707: Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.

(GitHub Advisory)

6.2

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-15707

GHSA ID

GHSA-xcrm-qpp8-hcw4

EPSS Score

0.84623%

CWE

CWE-20

Published

10/16/2018

Updated

1/9/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.struts:struts2-rest-plugin	maven	>= 2.5.0, <= 2.5.14	2.5.16

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

In *p**** Struts *.* to *.*.**, t** R*ST Plu*in is usin* *n out**t** JSON-li* li*r*ry w*i** is vuln*r**l* *n* *llow p*r*orm * *oS *tt**k usin* m*li*ious r*qu*st wit* sp**i*lly *r**t** JSON p*ylo**.

Reasoning

No *n*lysis *v*il**l*

6.2

Basic Information

Concerned about an active attack path?

CVE-2017-15707: Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin

6.2

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI