CVE-2012-0394

** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*

Information

Published : 2012-01-08 07:55

Updated : 2021-01-07 11:00


NVD link : CVE-2012-0394

Mitre link : CVE-2012-0394


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

apache

  • struts