Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 - Outdated XStream Library DoS Vulnerability

Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 - Outdated XStream Library DoS Vulnerability

CVE-2017-9793 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 is using an outdated XStream library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted XML payload.

Learn more about our Cis Benchmark Audit For Apache Http Server.