Lucene search

K
f5F5F5:K15260
HistoryMay 15, 2014 - 12:00 a.m.

K15260 : Apache Struts vulnerability CVE-2014-0094

2014-05-1500:00:00
my.f5.com
23

7.9 High

AI Score

Confidence

High

0.971 High

EPSS

Percentile

99.8%

Security Advisory Description

The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attackers to “manipulate” the ClassLoader via the class parameter, which is passed to the getClass method. (CVE-2014-0094)

Impact

None. F5 products do not use the affected Apache Struts version.