This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Platform Product Advisories
Read and subscribe to the latest announcements and advisories relating to the NetWitness Platform.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Threat Content Advisory: Apache Struts - CVE-2017-9805

Summary

The Apache Software Foundation has patched a vulnerability identified as CVE-2017-9805. The vulnerability affects all versions of Apache Struts since 2008. In response to this we have created and released a parser to help identify systems exploited by the vulnerability. Upon this parser matching network traffic you'll see "apache struts CVE-2017-9805 attempt" appear in the 'Indicators of Compromise' meta-key and the command that was included in the exploit attempt will be present in the 'Action' meta-key. The parser, 'struts_exploit', is now available in RSA NetWitness Live.

 

Here's a sample attack that our researchers have seen in the wild:

pastedImage_4.png

 

EOPS Policy

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2017-09-08 05:32 PM
Updated by:
Employee

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.