IBM Support

IV61039: APACHE STRUTS 1.X ZERO DAY VULNERABILITY CVE-2014-0114

APAR status

  • Closed as program error.

Error description

  • Apache Struts 1.X could allow a remote attacker to execute
    arbitrary code on the system, caused by the failure to restrict
    the setting of Class Loader attributes. An attacker could
    exploit this vulnerability using the class parameter of an
    ActionForm object to manipulate the ClassLoader and execute
    arbitrary code on the system. There is partial impact to
    confidentiality, integrity, and availability.
    

Local fix

Problem summary

  • Code mitigation is in place in 7.2.2 Patch 2 IF01
    

Problem conclusion

  • Code mitigation was used to correct this vulnerability and the
    fix will be included in all future releases.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV61039

  • Reported component name

    QRADAR SOFTWARE

  • Reported component ID

    5725QRDSW

  • Reported release

    722

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-06-02

  • Closed date

    2014-06-03

  • Last modified date

    2014-06-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    IV61058 IV61061

Fix information

  • Fixed component name

    QRADAR SOFTWARE

  • Fixed component ID

    5725QRDSW

Applicable component levels

  • R722 PSY

       UP



Document information

More support for: IBM QRadar SIEM

Software version: 722

Reference #: IV61039

Modified date: 03 June 2014

