摘要:
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
安全等级: Low
公告ID: KylinSec-SA-2022-1718
发布日期: 2022年7月30日
关联CVE: CVE-2016-3087
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2016-3087 | KY3.4-4A | struts | Unaffected |
| CVE-2016-3087 | KY3.4-5 | struts | Unaffected |
| CVE-2016-3087 | KY3.5.1 | struts | Unaffected |
