Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability

Bugtraq ID: 96729
Class: Input Validation Error
CVE: CVE-2017-5638
Remote: Yes
Local: No
Published: Mar 06 2017 12:00AM
Updated: May 26 2017 07:00AM
Credit: Nike Zheng
Vulnerable: VMWare vRealize Operations Manager (vROps) 6.0
VMWare vRealize Hyperic 5.0
VMWare vCenter Server 6.5
VMWare vCenter Server 6.0
VMWare Horizon Desktop as-a-Service Platform (DaaS) 7.0
VMWare Horizon Desktop as-a-Service Platform (DaaS) 6.0
Oracle WebCenter Sites 11.1.1 8.0
Oracle WebCenter Sites 12.2.1.2.0
Oracle WebCenter Sites 12.2.1.1.0
Oracle WebCenter Sites 12.2.1.0.0
IBM Sterling Selling and Fulfillment Foundation 9.5
IBM Sterling Selling and Fulfillment Foundation 9.4
IBM Sterling Selling and Fulfillment Foundation 9.2.1
IBM Sterling Selling and Fulfillment Foundation 9.2
IBM Sterling Selling and Fulfillment Foundation 9.1
IBM Sterling Selling and Fulfillment Foundation 9.3.0
IBM Connections 5.5
IBM Connections 5.0
IBM Connections 4.5
IBM Connections 4.0
Huawei SMSGW V100R003C01
Huawei SMSGW V100R002C11
Huawei SMSGW V100R002C01
Huawei Secospace AntiDDoS8030 V100R001C00
Huawei iManager NetEco 6000 V600R007C91
Huawei iManager NetEco 6000 V600R007C90
Huawei iManager NetEco 6000 V600R007C80
Huawei iManager NetEco V600R008C20
Huawei iManager NetEco V600R008C10
Huawei iManager NetEco V600R008C00
Huawei iManager NetEco V600R007C60SPC100
Huawei iManager NetEco V600R007C50
Huawei iManager NetEco V600R007C11
Huawei eSpace ECS V300R001C00
Huawei eSpace ECS V200R003C10
Huawei eSpace ECS V200R003C00
Huawei eSpace ECS V200R002C00
HP Universal CMDB Foundation Software 10.22 CUP5
HP Server Automation 9.16
HP Server Automation 9.15
HP Server Automation 9.14
HP Server Automation 9.13
HP Server Automation 9.12
HP Server Automation 9.10
HP Server Automation 9.1
HP Server Automation 10.50
HP Server Automation 10.20
HP Server Automation 10.10
HP Server Automation 10.02
HP Server Automation 10.01
HP Server Automation 10.00
Cisco Virtualized Voice Browser 0
Cisco Unity Connection 0
Cisco Unified SIP Proxy Software 0
Cisco Unified Intelligent Contact Management Enterprise 0
Cisco Unified Intelligence Center 0
Cisco Unified Contact Center Express 0
Cisco Unified Contact Center Enterprise - Live Data server 0
Cisco Unified Contact Center Enterprise 0
Cisco Unified Communications Manager Session Management Edition 0
Cisco Unified Communications Manager IM & Presence Service 0
Cisco Unified Communications Manager -
Cisco SocialMiner 0
Cisco Prime Service Catalog Appliance and Virtual Appliance 0
Cisco Prime License Manager 0
Cisco Packaged Contact Center Enterprise 0
Cisco MediaSense 0
Cisco Identity Services Engine (ISE) 0
Cisco Hosted Collaboration Solution for Contact Center 0
Cisco Hosted Collaboration Mediation Fulfillment 0
Cisco Finesse 0
Cisco Emergency Responder
Atlassian HipChat Server 2.0
Atlassian Crowd 2.11
Atlassian Crowd 2.10.1
Atlassian Crowd 2.9.5
Atlassian Crowd 2.9.4
Atlassian Crowd 2.9.3
Atlassian Crowd 2.9.2
Atlassian Crowd 2.9.1
Atlassian Crowd 2.9
Atlassian Crowd 2.8.8
Atlassian Crowd 2.8.3
Atlassian Bamboo 5.15
Atlassian Bamboo 5.12
Atlassian Bamboo 5.11
Atlassian Bamboo 5.10
Atlassian Bamboo 5.1
Atlassian Bamboo 5.12.3.1
Atlassian Bamboo 5.11.4.1
Apache Struts 2.3.31
Apache Struts 2.3.30
Apache Struts 2.3.28
Apache Struts 2.3.24
Apache Struts 2.3.5
Apache Struts 2.5.8
Apache Struts 2.5.7
Apache Struts 2.5.5
Apache Struts 2.5.2
Apache Struts 2.5.10
Apache Struts 2.5.1
Apache Struts 2.5
Apache Struts 2.3.8
Apache Struts 2.3.7
Apache Struts 2.3.29
Apache Struts 2.3.20
Apache Struts 2.3.16
Apache Struts 2.3.15
Apache Struts 2.3.14
Apache Struts 2.3.12
Not Vulnerable: VMWare vCenter Server 6.5b
IBM Sterling Selling and Fulfillment Foundation 9.5.0-SFP2
IBM Sterling Selling and Fulfillment Foundation 9.4.0-SFP3
IBM Sterling Selling and Fulfillment Foundation 9.3.0-SFP5
IBM Sterling Selling and Fulfillment Foundation 9.2.1- SFP6
IBM Sterling Selling and Fulfillment Foundation 9.2.0- SFP6
IBM Sterling Selling and Fulfillment Foundation 9.1.0- SFP6
Cisco Virtualized Voice Browser 11.5 SU1
Cisco Unity Connection 12.0
Cisco Unity Connection 11.5
Cisco Unity Connection 11.0
Cisco Unified SIP Proxy Software 10.1
Cisco Unified Intelligent Contact Management Enterprise 11.5(1)
Cisco Unified Intelligent Contact Management Enterprise 11.0(2)
Cisco Unified Intelligent Contact Management Enterprise 10.5(3)
Cisco Unified Intelligent Contact Management Enterprise 10.0(2)
Cisco Unified Intelligence Center 11.5(1) ES03
Cisco Unified Contact Center Express 11.5 SU1
Cisco Unified Contact Center Enterprise - Live Data server 11.5(1)
Cisco Unified Contact Center Enterprise - Live Data server 11.0(2)
Cisco Unified Contact Center Enterprise - Live Data server 10.5(3)
Cisco Unified Contact Center Enterprise - Live Data server 10.0(2)
Cisco Unified Contact Center Enterprise 11.5(1)
Cisco Unified Contact Center Enterprise 11.0(2)
Cisco Unified Contact Center Enterprise 10.5(3)
Cisco Unified Contact Center Enterprise 10.0(2)
Cisco SocialMiner 11.5 SU1
Cisco Prime License Manager 11.5(1)SU1a
Cisco MediaSense 11.5
Cisco Hosted Collaboration Solution for Contact Center 11.5(1)
Cisco Hosted Collaboration Solution for Contact Center 11.0(2)
Cisco Hosted Collaboration Solution for Contact Center 10.5(3)
Cisco Hosted Collaboration Solution for Contact Center 10.0(2)
Cisco Finesse 11.5 ES2
Atlassian HipChat Server 2.2.2
Atlassian Crowd 2.11.1
Atlassian Crowd 2.10.3
Atlassian Crowd 2.9.7
Atlassian Bamboo 5.15.3
Atlassian Bamboo 5.14.5
Apache Struts 2.5.10.1
Apache Struts 2.3.32


 

Privacy Statement
Copyright 2010, SecurityFocus