Signature Detail

HTTP: Apache Struts 2 Multiple URI Parameters Arbitrary Redirection

This signature detects attempts to exploit a known vulnerability in Apache Struts 2. It is due to insufficient validation of user-supplied input. A successful attack could allow the attacker to redirect victims to malicious sites hosting exploits that may aid in further exploitation.

Extended Description

Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix.

Affected Products

• Apache struts 2.0.0
• Apache struts 2.0.1
• Apache struts 2.0.10
• Apache struts 2.0.11
• Apache struts 2.0.11.1
• Apache struts 2.0.11.2
• Apache struts 2.0.12
• Apache struts 2.0.13
• Apache struts 2.0.14
• Apache struts 2.0.2
• Apache struts 2.0.3
• Apache struts 2.0.4
• Apache struts 2.0.5
• Apache struts 2.0.6
• Apache struts 2.0.7
• Apache struts 2.0.8
• Apache struts 2.0.9
• Apache struts 2.1.0
• Apache struts 2.1.1
• Apache struts 2.1.2
• Apache struts 2.1.3
• Apache struts 2.1.4
• Apache struts 2.1.5
• Apache struts 2.1.6
• Apache struts 2.1.8
• Apache struts 2.1.8.1
• Apache struts 2.2.1
• Apache struts 2.2.1.1
• Apache struts 2.2.3
• Apache struts 2.2.3.1
• Apache struts 2.3.1
• Apache struts 2.3.1.1
• Apache struts 2.3.12
• Apache struts 2.3.1.2
• Apache struts 2.3.14
• Apache struts 2.3.14.1
• Apache struts 2.3.14.2
• Apache struts 2.3.14.3
• Apache struts 2.3.15
• Apache struts 2.3.3
• Apache struts 2.3.4
• Apache struts 2.3.4.1
• Apache struts 2.3.7
• Apache struts 2.3.8

References

• BugTraq: 61196
• CVE: CVE-2013-2248