CVE-2018-11776: New Critical Struts Flaw Could Be Worse Than Equifax

A new vulnerability has been discovered, of a kind that could turn out worse than the one that caused the Equifax breach. The vulnerability has been identified as CVE-2018-11776 and resides in core functionality of Apache Struts. It is a remote code execution vulnerability that affects all supported versions of Apache Struts 2.
Last year’s Equifax breach also involved a security flaw in Apache Struts, so the discovery of an even more dangerous loophole is quite alarming. The new vulnerability, CVE-2018-11776, is located in the open source Web framework, and according to security experts it could surpass the damage we witnessed in 2017.

CVE-2018-11776 Technical Overview

This latest Struts vulnerability was discovered by researcher Man Yue Mo, who is part of the Semmle research team. CVE-2018-11776 resides in the core functionality of Struts, and it could allow remote code execution when the framework is configured in specific ways.

According to Glen Pendley, deputy CTO at Tenable, the vulnerability doesn’t exist because of configurations, but when the system is configured in a certain way, attackers can exploit vulnerabilities in Struts.

As explained by Semmle:

This new remote code execution vulnerability affects all supported versions of Apache Struts 2. A patched version has been released today. Users of Struts 2.3 are strongly advised to upgrade to 2.3.35; users of Struts 2.5 need to upgrade to 2.5.17. The vulnerability is located in the core of Apache Struts. All applications that use Struts are potentially vulnerable, even when no additional plugins have been enabled.

Semmle’s Security Research Team estimated that at least 65% of Fortune 500 companies use Struts in some of their web applications, meaning that the flaw could have wide implications across the Internet.

What is worse is that the part of the framework that CVE-2018-11776 touches is potentially far more impactful than earlier vulnerabilities. The endpoints are far more widely used, in Pendley’s words.

Related Story: CVE-2017-5638 Patched, but Still Under Attack, Companies at Risk

Semmle researchers cooperated with the Apache Foundation to disclose the flaw in a responsible manner. A set of software updates has also been released, alongside the vulnerability’s public disclosure.

Organizations and developers who use Struts are urgently advised to upgrade their Struts components immediately, Semmle warns. Previous disclosures of other critical vulnerabilities have resulted in exploits being published within a day, putting critical infrastructure and customer data at risk, the company adds.
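The only remediation the advisory offers is upgrading to the fixed releases it names (2.3.35 for the 2.3 branch, 2.5.17 for the 2.5 branch). The following inventory check is an added example, not code from Semmle, Apache or this article: it scans a list of library paths for `struts2-core-<version>.jar` files and reports whether each deployed version is at or above the fixed release for its branch. The jar naming pattern and the sample paths are assumptions made for the example.

```python
import re
from typing import List, Tuple

# Fixed versions named in the Semmle advisory quoted above, keyed by (major, minor) branch.
FIXED = {(2, 3): (2, 3, 35), (2, 5): (2, 5, 17)}

# Assumed naming convention for the Struts core jar inside WEB-INF/lib.
JAR_RE = re.compile(r"struts2-core-(\d+(?:\.\d+)+)\.jar$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '2.5.16' into (2, 5, 16) so versions compare numerically, not lexically."""
    return tuple(int(part) for part in version.split("."))


def assess_struts_version(version: str) -> str:
    """Classify a Struts 2 version as 'patched', 'vulnerable' or 'unsupported'.

    'unsupported' covers branches the advisory does not name a fix for; since every
    supported version was affected, such deployments still need an upgrade.
    """
    parts = parse_version(version)
    branch = parts[:2]
    if branch not in FIXED:
        return "unsupported"
    # Tuple comparison handles short versions such as '2.5' (treated as older than 2.5.17).
    return "patched" if parts >= FIXED[branch] else "vulnerable"


def scan_jar_paths(paths: List[str]) -> List[Tuple[str, str, str]]:
    """Return (path, version, verdict) for every Struts core jar found in the path list."""
    findings = []
    for path in paths:
        match = JAR_RE.search(path)
        if match:
            version = match.group(1)
            findings.append((path, version, assess_struts_version(version)))
    return findings


# Constructed sample input standing in for the output of a filesystem walk.
SAMPLE_PATHS = [
    "/opt/app1/WEB-INF/lib/struts2-core-2.5.16.jar",
    "/opt/app2/WEB-INF/lib/struts2-core-2.3.35.jar",
    "/opt/app3/WEB-INF/lib/struts2-core-2.5.17.jar",
    "/opt/app4/WEB-INF/lib/struts2-core-2.1.8.jar",
    "/opt/app5/WEB-INF/lib/commons-lang3-3.8.jar",
]

if __name__ == "__main__":
    for path, version, verdict in scan_jar_paths(SAMPLE_PATHS):
        print(f"{verdict:11} {version:8} {path}")
```

In a real deployment the path list would come from walking each application's WEB-INF/lib directory (or from a software inventory export); a hit marked anything other than `patched` is a candidate for immediate upgrade.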

Last year, millions of American citizens had their social security numbers stolen due to a critical vulnerability exploited in the infamous Equifax hack. The security breach affected one of the largest credit reporting companies operating in the USA. As a result of the malicious intrusion, the hackers behind the attack were able to obtain information on over 40% of the whole country’s population.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
