CVE-2010-1870 : Detail

The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 17691

Publication date : 2011-08-18 22h00 +00:00
Author : Metasploit
EDB Verified : Yes

Exploit Database EDB-ID : 14360

Publication date : 2010-07-13 22h00 +00:00
Author : Meder Kydyraliev
EDB Verified : No

Products Mentioned

Configuraton 0

Apache>>Struts >> Version 2.0.0

Apache>>Struts >> Version 2.0.1

Apache>>Struts >> Version 2.0.2

Apache>>Struts >> Version 2.0.3

Apache>>Struts >> Version 2.0.4

Apache>>Struts >> Version 2.0.5

Apache>>Struts >> Version 2.0.6

Apache>>Struts >> Version 2.0.7

Apache>>Struts >> Version 2.0.8

Apache>>Struts >> Version 2.0.9

Apache>>Struts >> Version 2.0.10

Apache>>Struts >> Version 2.0.11

Apache>>Struts >> Version 2.0.11.1

Apache>>Struts >> Version 2.0.11.2

Apache>>Struts >> Version 2.0.12

Apache>>Struts >> Version 2.0.13

Apache>>Struts >> Version 2.0.14

Apache>>Struts >> Version 2.1.0

Apache>>Struts >> Version 2.1.1

Apache>>Struts >> Version 2.1.2

Apache>>Struts >> Version 2.1.3

Apache>>Struts >> Version 2.1.4

Apache>>Struts >> Version 2.1.5

Apache>>Struts >> Version 2.1.6

Apache>>Struts >> Version 2.1.8

Apache>>Struts >> Version 2.1.8.1

References