Apache Struts — Remote Code Execution — CVE-2017–5638
On March 7th a critical vulnerability was announced in the Apache Struts framework, a popular web development toolkit that is commonly used in internet-facing systems.
The vulnerability (tracked as CVE-2017–5638) was particularly nasty as it did not require the developer to have used any particular functionality in the framework. In many cases the vulnerable component may have been installed and have been just sitting there redundant, not in use but exposing a critical weakness to the internet.
Example attack code has already been shared online, and reports were not far behind of this vulnerability being actively exploited in the wild.
While there are plenty of other articles discussing the technical details of the flaw, the immediate questions for most businesses are simple.
- Do you have the capability to check your systems for this weakness?
- Have you already checked for this flaw across your internet-facing estate, and kicked off urgent remediation activity where it is detected?
Intruder was founded on the principle that rapid responses to such emerging threats will become more and more necessary and more and more important over time. Therefore, as part of our “Intruder Pro” service offering, we have already scanned all of our customer’s systems, and either notified them of their weaknesses or notified them of their continued security.
These emerging threats can seriously impact your security, and we are glad to have been able to help our customers already. But for anyone else out there who’s still unsure, there’s always our free trial. ;)