What is CVE-2011-5057?

CVE-2011-5057 is a vulnerability in Apache Struts, classified under CWE-264. Published 2012-01-08.

Is CVE-2011-5057 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Struts

CVE-2011-5057

Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a…

EPSS: 0.529 (98.0th percentile) — read the EPSS interpretation.

Affected products

Apache Struts
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

cve@mitre.org (x_refsource_CONFIRM, Issue Tracking, Vendor Advisory)
47109 (Permissions Required, x_refsource_SECUNIA, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM, Issue Tracking, Vendor Advisory)
cve@mitre.org (Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2011-5057?: CVE-2011-5057 is a vulnerability in Apache Struts, classified under CWE-264. Published 2012-01-08.
Is CVE-2011-5057 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.