Overview
Apache Struts is a popular open-source web application framework for developing Java EE web applications. It provides robust support for creating modern Java-based enterprise applications.
A Denial of Service (DoS) vulnerability (CVE-2023-34396) has been reported in Apache Struts, which allows attackers to manipulate input to cause a Denial of Service.
Per America’s Cyber Defense Agency, a denial-of-service attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer or network. A denial-of-service condition is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users. DoS attacks can cost an organization both time and money while their resources and services are inaccessible.
This issue affects multiple versions of Apache Struts.
Details
Module Info
- Product: Apache Struts
- Affected packages: struts, struts-core, struts2-core
- Affected versions: <1.3.10, >=2.0.5 <2.5.31, >=6.0.0 <6.1.2.1
- GitHub repository: https://github.com/apache/struts
- Package manager: Maven
- Fixed in: NES for Apache Struts Struts 1 v1.1.1, v1.3.12
Vulnerability Info
The vulnerability arises when Struts processes multipart requests containing non-file form fields. In previous versions, Struts would load these form fields into memory as Strings without performing any size checks. This lack of validation could lead to memory-related issues, such as excessive memory consumption, potentially making the application susceptible to Denial of Service (DoS) attacks through large form submissions.
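The missing size check described above, shown as an added Java example (not the Struts source or the actual patch): an unchecked read of a non-file field next to one that enforces a cap while reading. The class name, method names and the 4096-byte MAX_FIELD_BYTES limit are assumptions chosen for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class BoundedFormField {
    // Assumed per-field cap; choose a value that fits the application's forms.
    static final int MAX_FIELD_BYTES = 4096;

    // Unchecked pattern: the whole field is buffered, however large it is.
    static String readUnchecked(InputStream in) throws IOException {
        return new String(in.readAllBytes(), StandardCharsets.UTF_8);
    }

    // Checked pattern: stop reading as soon as the field would pass the cap,
    // so the buffer never grows beyond maxBytes.
    static String readChecked(InputStream in, int maxBytes) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        byte[] chunk = new byte[1024];
        int n;
        while ((n = in.read(chunk)) != -1) {
            if (n > maxBytes - buf.size()) {
                throw new IOException("form field larger than " + maxBytes + " bytes");
            }
            buf.write(chunk, 0, n);
        }
        return new String(buf.toByteArray(), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample inputs standing in for the body of a text field.
        byte[] small = "hello".getBytes(StandardCharsets.UTF_8);
        byte[] large = new byte[1_000_000];
        Arrays.fill(large, (byte) 'A');

        System.out.println(readChecked(new ByteArrayInputStream(small), MAX_FIELD_BYTES));
        System.out.println(readUnchecked(new ByteArrayInputStream(large)).length());
        try {
            readChecked(new ByteArrayInputStream(large), MAX_FIELD_BYTES);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```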
Steps To Reproduce
On a vulnerable Struts application with file upload, construct a multipart request for the upload action. Replace {REPLACE} with a large amount of text. When the request is submitted, the application's memory usage should increase.
POST /upload-submit.do HTTP/1.1
User-Agent: Struts-examples XSS-TEST
Content-Type: multipart/form-data; boundary=---------------------------41901161044225432961947041

-----------------------------41901161044225432961947041
Content-Disposition: form-data; name="theText"

{REPLACE}
-----------------------------41901161044225432961947041
Content-Disposition: form-data; name="theFile"; filename="1.txt"
Content-Type: text/html

ABC
-----------------------------41901161044225432961947041--
Credit
- Matthew McClain
Mitigation
Users of the affected components should apply one of the following mitigations:
- Upgrade to a patched version
- Leverage a commercial support partner like HeroDevs for post-EOL security support.