CVE-2017-9791 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2017-9791

Apache | Struts 1Added 2022-02-10Remediation Deadline 2022-08-10

Apache Struts 1 Improper Input Validation Vulnerability

The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-20

References

https://nvd.nist.gov/vuln/detail/CVE-2017-9791