CVE-2016-1181

HIGH

Apache Struts 1 <1.3.10 - RCE

Title source: llm
STIX 2.1

Description

ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.

References (21)

Core 21
Core References
Third Party Advisory, VDB Entry, Vendor Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/91068
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036056
Vendor Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN03188560/index.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/91787
Patch, Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20180629-0006/
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1343538
Patch, Third Party Advisory x_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Third Party Advisory x_refsource_confirm
https://security-tracker.debian.org/tracker/CVE-2016-1181

Scores

CVSS v3 8.1
EPSS 0.1074
EPSS Percentile 93.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (27)
apache/struts 1.0 (4 CPE variants)
apache/struts 1.0.1
apache/struts 1.0.2
apache/struts 1.1 (6 CPE variants)
apache/struts 1.2.0
apache/struts 1.2.1
apache/struts 1.2.2
apache/struts 1.2.3
apache/struts 1.2.4
apache/struts 1.2.5
... and 17 more
Published Jul 04, 2016
Tracked Since Feb 18, 2026