CVE-2018-1327: DoS attack is possible when using XStream handler with the Struts REST plugin

 

Vulnerability when will it stop, this is our holiday! The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. The problem was that a DoS attack is possible when using XStream handler with the Struts REST plugin. As far as I know, Cisco integrate Struts 2 in their product design. Since without status update by Cisco in regards to this vulnerabilities. So, stay tuned!

You can find the official technical details below:

https://cwiki.apache.org/confluence/display/WW/S2-056

This vulnerability so call Easter holiday vulnerability.

One thought on “CVE-2018-1327: DoS attack is possible when using XStream handler with the Struts REST plugin”

  1. You actually make it appear so easy with your presentation however I in finding this matter to be really one thing which I think I would by no means understand. It sort of feels too complex and very broad for me. I’m looking ahead for your next publish, I will attempt to get the grasp of it!

Comments are closed.