Lucene search
F5F5:K65065347HistoryApr 11, 2018 - 12:00 a.m.
K65065347 : Apache Struts vulnerability CVE-2018-1327
2018-04-1100:00:00
my.f5.com
15
Security Advisory Description
The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as described here <http://struts.apache.org/plugins/rest/#custom-contenttypehandlers>. Another option is to implement a custom XML handler based on the Jackson XML handler from the Apache Struts 2.5.16. (CVE-2018-1327)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
ubuntucve
ubuntucve
CVE-2018-1327
2018-03-27 00:00:00
osv
osv
CVE-2018-1327
2018-03-27 21:29:00
Apache Struts REST Plugin can potentially allow a DoS attack
2018-10-16 19:35:26
openvas
openvas
Apache Struts Security Update (S2-056)
2018-04-02 00:00:00
prion
prion
Design/Logic Flaw
2018-03-27 21:29:00
ibm
ibm
nessus
nessus
redhatcve
redhatcve
CVE-2018-1327
2018-03-27 12:49:08
cvelist
cvelist
CVE-2018-1327
2018-03-27 00:00:00
seebug
seebug
Apache Struts2 S2-056(CVE-2018-1327)
2018-03-27 00:00:00
cve
cve
CVE-2018-1327
2018-03-27 21:29:00
nvd
nvd
CVE-2018-1327
2018-03-27 21:29:00
github
github
Apache Struts REST Plugin can potentially allow a DoS attack
2018-10-16 19:35:26
Bypassing OGNL sandboxes for fun and charities
2023-01-27 16:00:49
veracode
veracode
Denial Of Service (DoS)
2018-03-28 05:11:48
oracle
oracle
CPU July 2018
2018-07-17 00:00:00