Apache.Struts.MPV.Input.Validation.Bypass

description-logoDescription

This indicates an attack attempt to exploit a Security Bypass vulnerability in Apache Struts.
The vulnerability is caused by an error in MultiPageValidator when handles requests with malicious page parameter. A remote attacker may be able to exploit this to bypass access restrictions via a crafted HTTP request.

affected-products-logoAffected Products

Struts 1.x through 1.3.10

Impact logoImpact

Security Bypass: Remote attackers can bypass security checking of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the web site.
https://osdn.net/projects/terasoluna/wiki/StrutsPatch2-EN

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)