An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.
References
Link | Resource |
---|---|
https://cwiki.apache.org/confluence/display/ww/s2-060 | Vendor Advisory |
https://launchpad.support.sap.com/#/notes/2982840 | Permissions Required Third Party Advisory |
https://www.oracle.com/security-alerts/cpujan2021.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpuApr2021.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpuoct2021.html | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2020-09-14 10:15
Updated : 2022-04-18 08:23
NVD link : CVE-2019-0233
Mitre link : CVE-2019-0233
JSON object : View
CWE
CWE-281
Improper Preservation of Permissions
Products Affected
oracle
- mysql_enterprise_monitor
- financial_services_market_risk_measurement_and_management
- communications_policy_management
- financial_services_data_integration_hub
apache
- struts