CVE-2016-4436

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2016-0785, CVE-2016-4430, CVE-2016-4431, CVE-2016-4433, CVE-2016-4438, CVE-2016-4465

Published on 03/10/16 - Updated on 09/08/17

Description

Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2016-4436
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2017-AVI-224
Renater 2016/VULN260

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
apachestruts

Share this vulnerability with:

Twitter Facebook LinkedIn Mail