Vulnerability CVE-2015-0899 - CERT Civis.Net

Vulnerability Name:

CVE-2015-0899 (CCN-101770)

Assigned:

2015-03-24

Published:

2015-03-24

Updated:

2018-07-01

Summary:

The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2015-0899

Source: CCN
Type: JVN#86448949
The Validator in TERASOLUNA Server Framework for Java(WEB) vulnerable to input validation bypass

Source: JVN
Type: Vendor Advisory
JVN#86448949

Source: CCN
Type: JVN#91383083
Seasar S2Struts vulnerable to input validation bypass

Source: JVNDB
Type: Vendor Advisory
JVNDB-2015-000042

Source: CCN
Type: Seasar Web site
S2Struts

Source: CCN
Type: TERASOLUNA Web page
TERASOLUNA Server Framework for Java

Source: CCN
Type: Apache Web site
Struts

Source: DEBIAN
Type: UNKNOWN
DSA-3536

Source: CCN
Type: IBM Security Bulletin 0717691 (WebSphere Application Server in Cloud)
Multiple security vulnerabilities affect IBM WebSphere Application Server in IBM Cloud

Source: CCN
Type: IBM Security Bulletin 0719203 (Emptoris Sourcing)
Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement (CVE-2015-0899)

Source: CCN
Type: IBM Security Bulletin 734305 (Workload Automation)
Multiple vulnerabilities in WebSphere application server affect IBM Workload Scheduler

Source: CCN
Type: IBM Security Bulletin 879093 (Security Privileged Identity Manager)
Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.

Source: CCN
Type: IBM Security Bulletin 1988770 (WebSphere Portal)
Vulnerabilities in Apache Struts affect IBM WebSphere Portal (CVE-2015-0899, CVE-2016-1181, CVE-2016-1182)

Source: CCN
Type: IBM Security Bulletin 1990834 (Business Process Manager Advanced)
Security vulnerabilities in Apache Struts might affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-1181, CVE-2016-1182, CVE-2015-0899)

Source: CCN
Type: IBM Security Bulletin 2007053 (Tivoli Netcool/OMNIbus)
Vulnerability in Apache Struts affect Tivoli Netcool/OMNIbus WebGUI (CVE-2015-0899)

Source: CCN
Type: IBM Security Bulletin 2008689 (Cram Social Program Management)
Vulnerability in Apache Struts affects IBM Cram Social Program Management (CVE-2016-1182, CVE-2016-1181, CVE-2015-0899)

Source: CCN
Type: IBM Security Bulletin 2011978 (Sterling B2B Integrator)
Multiple Apache Struts Vulnerabilities Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 2012006 (Sterling File Gateway)
Multiple Apache Struts Vulnerabilities Affect IBM Sterling File Gateway

Source: CCN
Type: IBM Security Bulletin 2015348 (WebSphere Application Server)
Potential vulnerability in WebSphere Application Server (CVE-2015-0899)

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: BID
Type: UNKNOWN
74423

Source: CCN
Type: BID-74423
Apache Struts CVE-2015-0899 Security Bypass Vulnerability

Source: CONFIRM
Type: Patch
https://en.osdn.jp/projects/terasoluna/wiki/StrutsPatch2-EN

Source: XF
Type: UNKNOWN
apache-struts-cve20150899-sec-bypass(101770)

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20180629-0006/

Source: CCN
Type: IBM Security Bulletin 792503 (Security Guardium)
IBM Security Guardium is affected by an OpenSource Apache Struts vulnerability

Source: CCN
Type: IBM Security Bulletin 796180 (Tivoli Monitoring V6)
Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server

Source: CCN
Type: IBM Security Bulletin 1999097 (Content Collector)
OpenSource Apache Struts vulnerability in Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 1999099 (Content Collector)
OpenSource Apache Struts vulnerability in IBM Content Collector for Microsoft SharePoint

Source: CCN
Type: IBM Security Bulletin 1999105 (Content Collector)
OpenSource Apache Struts vulnerability in IBM Content Collector for File Systems

Source: CCN
Type: IBM Security Bulletin 1999106 (Content Collector)
OpenSource Apache Struts vulnerability in IBM Content Collector for Email

Source: CCN
Type: IBM Security Bulletin 2000471 (Enterprise Records)
Open Source Apache Struts Vulnerabilities affect IBM Enterprise Records

Source: CCN
Type: IBM Security Bulletin 6910171 (Integration Designer)
Multiple CVEs affect IBM Integration Designer

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:struts:1.0:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:b1:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:b2:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:b3:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:rc1:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:rc2:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.8:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.9:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.3.5:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.3.8:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.3.10:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:struts:1.2.7:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.8:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.9:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.3.10:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.0:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:b1:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:b2:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:b3:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:rc1:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.1:rc2:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.4:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.2.6:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.3.5:*:*:*:*:*:*:*

OR cpe:/a:apache:struts:1.3.8:*:*:*:*:*:*:*

AND

cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_portal:7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_portal:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:content_collector:3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_netcool/omnibus:7.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:content_collector:4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_portal:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_portal:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_process_manager:7.5:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:7.5.0.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:7.5.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:7.5.1.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:7.5.1.2:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.0:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.0.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.0.1.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.0.1.2:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.5:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.5.0.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.5.5:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:business_process_manager:8.0.1.3:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:curam_social_program_management:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_process_manager:8.5.6:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:content_collector:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:10:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_process_manager:8.5.0.2:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:curam_social_program_management:6.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_process_manager:8.5.7:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:curam_social_program_management:6.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:curam_social_program_management:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*

OR cpe:/a:ibm:emptoris_sourcing:*:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:10.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_automation:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_automation:9.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_automation:9.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:workload_automation:9.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*

OR cpe:/a:ibm:security_privileged_identity_manager:2.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_designer:20.0.0.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:26131	P	Security update for xen (Moderate)	2021-09-21
oval:org.opensuse.security:def:26120	P	Security update for xerces-c (Important)	2021-09-03
oval:org.opensuse.security:def:26119	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:20150899	V	CVE-2015-0899	2021-08-15
oval:org.opensuse.security:def:36570	P	struts-1.2.9-162.37.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26195	P	Security update for php74 (Important)	2021-02-19
oval:org.opensuse.security:def:26798	P	pam_ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27533	P	perl-DBD-Pg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26545	P	file-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26837	P	vte on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26323	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:27568	P	struts on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26696	P	file-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26851	P	Mesa-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26404	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:26749	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26895	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26461	P	Security update for chromium (Important)	2020-12-01
oval:com.ubuntu.precise:def:20150899000	V	CVE-2015-0899 on Ubuntu 12.04 LTS (precise) - medium.	2016-07-04
oval:com.ubuntu.trusty:def:20150899000	V	CVE-2015-0899 on Ubuntu 14.04 LTS (trusty) - medium.	2016-07-04
oval:org.cisecurity:def:566	P	DSA-3536-1 -- libstruts1.2-java -- security update	2016-07-01