CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

Yangiliklar CVE Tracker Exploitlar Hujumlar Xarita

CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

O'zbek tilidagi kiberxavfsizlik portali. Yangiliklar, CVE tracker, hujumlar bazasi.

Yangiliklar

Barcha yangiliklar
Hujumlar
Zayifliklar
O'zbekiston
Jahon

Asboblar

CVE Tracker
Exploit DB
Hujumlar bazasi
Threat xarita

Loyiha

Biz haqimizda

© 2026 CyberNewsUz. Barcha huquqlar himoyalangan.

CVE Tracker ga qaytish

CVE-2017-9805

Yuqori(8.1)

Apache Struts 2.1.1 dan 2.3.x gacha boʻlgan REST plaginida 2.3.34 dan oldin va 2.5.x 2.5.13 dan oldin XStreamHandler-dan XStream namunasi bilan hech qanday filtrlashsiz seriyadan chiqarish uchun foydalaniladi, bu esa XML-ni toʻlov-seriyadan chiqarishda masofaviy kod bajarilishiga olib kelishi mumkin.

Vendor

Apache

Product

Struts

CVSS Score

8.1

Nashr sanasi

15-sen, 2017

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Manbalar

http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
http://www.securityfocus.com/bid/100609
http://www.securitytracker.com/id/1039263
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
https://bugzilla.redhat.com/show_bug.cgi?id=1488482

Yangi kritik zaifliklar

CyberNewsUz — CVE-2017-9805