{"containers":{"cna":{"affected":[{"product":"Apache Struts","vendor":"Apache Software Foundation","versions":[{"status":"affected","version":"2.3.x before 2.3.32"},{"status":"affected","version":"2.5.x before 2.5.10.1"}]}],"datePublic":"2017-03-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2021-02-24T03:06:34.000Z","orgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","shortName":"apache"},"references":[{"tags":["x_refsource_MISC"],"url":"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"},{"tags":["x_refsource_MISC"],"url":"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"},{"name":"41570","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://exploit-db.com/exploits/41570"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20170310-0001/"},{"tags":["x_refsource_MISC"],"url":"https://github.com/rapid7/metasploit-framework/issues/8064"},{"tags":["x_refsource_CONFIRM"],"url":"https://struts.apache.org/docs/s2-046.html"},{"tags":["x_refsource_MISC"],"url":"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"},{"tags":["x_refsource_MISC"],"url":"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"},{"tags":["x_refsource_CONFIRM"],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us"},{"name":"VU#834067","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"https://www.kb.cert.org/vuls/id/834067"},{"tags":["x_refsource_MISC"],"url":"https://isc.sans.edu/diary/22169"},{"tags":["x_refsource_CONFIRM"],"url":"https://struts.apache.org/docs/s2-045.html"},{"name":"1037973","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1037973"},{"tags":["x_refsource_MISC"],"url":"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"},{"name":"96729","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/96729"},{"tags":["x_refsource_MISC"],"url":"https://twitter.com/theog150/status/841146956135124993"},{"tags":["x_refsource_MISC"],"url":"https://github.com/mazen160/struts-pwn"},{"tags":["x_refsource_MISC"],"url":"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA145"},{"tags":["x_refsource_CONFIRM"],"url":"https://support.lenovo.com/us/en/product_security/len-14200"},{"tags":["x_refsource_CONFIRM"],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"},{"tags":["x_refsource_CONFIRM"],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us"},{"tags":["x_refsource_CONFIRM"],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"},{"tags":["x_refsource_CONFIRM"],"url":"https://cwiki.apache.org/confluence/display/WW/S2-045"},{"name":"41614","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/41614/"},{"tags":["x_refsource_CONFIRM"],"url":"https://cwiki.apache.org/confluence/display/WW/S2-046"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us"},{"tags":["x_refsource_MISC"],"url":"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"},{"name":"[announce] 20200131 Apache Software Foundation Security Report: 2019","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"},{"name":"[announce] 20210125 Apache Software Foundation Security Report: 2020","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"},{"name":"[announce] 20210223 Re: Apache Software Foundation Security Report: 2020","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@apache.org","ID":"CVE-2017-5638","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Apache Struts","version":{"version_data":[{"version_value":"2.3.x before 2.3.32"},{"version_value":"2.5.x before 2.5.10.1"}]}}]},"vendor_name":"Apache Software Foundation"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html","refsource":"MISC","url":"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"},{"name":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt","refsource":"CONFIRM","url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"},{"name":"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/","refsource":"MISC","url":"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"},{"name":"41570","refsource":"EXPLOIT-DB","url":"https://exploit-db.com/exploits/41570"},{"name":"https://security.netapp.com/advisory/ntap-20170310-0001/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20170310-0001/"},{"name":"https://github.com/rapid7/metasploit-framework/issues/8064","refsource":"MISC","url":"https://github.com/rapid7/metasploit-framework/issues/8064"},{"name":"https://struts.apache.org/docs/s2-046.html","refsource":"CONFIRM","url":"https://struts.apache.org/docs/s2-046.html"},{"name":"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html","refsource":"MISC","url":"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"},{"name":"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/","refsource":"MISC","url":"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"},{"name":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us","refsource":"CONFIRM","url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us"},{"name":"VU#834067","refsource":"CERT-VN","url":"https://www.kb.cert.org/vuls/id/834067"},{"name":"https://isc.sans.edu/diary/22169","refsource":"MISC","url":"https://isc.sans.edu/diary/22169"},{"name":"https://struts.apache.org/docs/s2-045.html","refsource":"CONFIRM","url":"https://struts.apache.org/docs/s2-045.html"},{"name":"1037973","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1037973"},{"name":"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html","refsource":"MISC","url":"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"},{"name":"96729","refsource":"BID","url":"http://www.securityfocus.com/bid/96729"},{"name":"https://twitter.com/theog150/status/841146956135124993","refsource":"MISC","url":"https://twitter.com/theog150/status/841146956135124993"},{"name":"https://github.com/mazen160/struts-pwn","refsource":"MISC","url":"https://github.com/mazen160/struts-pwn"},{"name":"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt","refsource":"MISC","url":"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"},{"name":"https://www.symantec.com/security-center/network-protection-security-advisories/SA145","refsource":"CONFIRM","url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA145"},{"name":"https://support.lenovo.com/us/en/product_security/len-14200","refsource":"CONFIRM","url":"https://support.lenovo.com/us/en/product_security/len-14200"},{"name":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a","refsource":"CONFIRM","url":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=352306493971e7d5a756d61780d57a76eb1f519a"},{"name":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us","refsource":"CONFIRM","url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us"},{"name":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228","refsource":"CONFIRM","url":"https://git1-us-west.apache.org/repos/asf?p=struts.git;a=commit;h=6b8272ce47160036ed120a48345d9aa884477228"},{"name":"https://cwiki.apache.org/confluence/display/WW/S2-045","refsource":"CONFIRM","url":"https://cwiki.apache.org/confluence/display/WW/S2-045"},{"name":"41614","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/41614/"},{"name":"https://cwiki.apache.org/confluence/display/WW/S2-046","refsource":"CONFIRM","url":"https://cwiki.apache.org/confluence/display/WW/S2-046"},{"name":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"name":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us","refsource":"CONFIRM","url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us"},{"name":"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/","refsource":"MISC","url":"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"},{"name":"[announce] 20200131 Apache Software Foundation Security Report: 2019","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"},{"name":"[announce] 20210125 Apache Software Foundation Security Report: 2020","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922@%3Cannounce.apache.org%3E"},{"name":"[announce] 20210223 Re: Apache Software Foundation Security Report: 2020","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7@%3Cannounce.apache.org%3E"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T15:04:15.370Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites/"},{"name":"41570","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://exploit-db.com/exploits/41570"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20170310-0001/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/rapid7/metasploit-framework/issues/8064"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://struts.apache.org/docs/s2-046.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us"},{"name":"VU#834067","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"https://www.kb.cert.org/vuls/id/834067"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://isc.sans.edu/diary/22169"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://struts.apache.org/docs/s2-045.html"},{"name":"1037973","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1037973"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html"},{"name":"96729","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/96729"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://twitter.com/theog150/status/841146956135124993"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/mazen160/struts-pwn"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.symantec.com/security-center/network-protection-security-advisories/SA145"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.lenovo.com/us/en/product_security/len-14200"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cwiki.apache.org/confluence/display/WW/S2-045"},{"name":"41614","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/41614/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://cwiki.apache.org/confluence/display/WW/S2-046"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/"},{"name":"[announce] 20200131 Apache Software Foundation Security Report: 2019","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"},{"name":"[announce] 20210125 Apache Software Foundation Security Report: 2020","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E"},{"name":"[announce] 20210223 Re: Apache Software Foundation Security Report: 2020","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E"}]},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.8,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2017-5638","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"yes"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-02-06T21:06:33.860690Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2021-11-03","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638"}}}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5638","tags":["government-resource"]}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-755","description":"CWE-755 Improper Handling of Exceptional Conditions"}]}],"timeline":[{"time":"2021-11-03T00:00:00.000Z","lang":"en","value":"CVE-2017-5638 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-21T23:55:46.106Z"}}]},"cveMetadata":{"assignerOrgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","assignerShortName":"apache","cveId":"CVE-2017-5638","datePublished":"2017-03-11T02:11:00.000Z","dateReserved":"2017-01-29T00:00:00.000Z","dateUpdated":"2025-10-21T23:55:46.106Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}