An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.

Apache Struts is a popular target amongst threat actors and the release of proof-of-concept (PoC) code along with at least 2 write-ups analyzing the patch provide attackers with insight on how to craft and weaponize this vulnerability against unpatched Apache Struts applications. The Shadowserver scanning platform has warned that attempts to exploit this have been observed in the wild and we anticipate that threat actors will continue to modify the public PoC code in order to weaponize this exploit.

The versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory.

  - Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/C++ (OpenSSL)).     Supported versions that are affected are 8.2.0 and prior. Easily exploitable vulnerability allows     unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.     Successful attacks of this vulnerability can result in unauthorized access to critical data or complete     access to all MySQL Connectors accessible data. (CVE-2023-5363)

  - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL (component: Monitoring: General     (Apache Tomcat)). Supported versions that are affected are 8.0.36 and prior. Easily exploitable     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     MySQL Enterprise Monitor. Successful attacks of this vulnerability can result in unauthorized creation,     deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data.
    (CVE-2023-46589)

  - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL (component: Monitoring: General     (Apache Struts)). Supported versions that are affected are 8.0.36 and prior. Easily exploitable     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     MySQL Enterprise Monitor. Successful attacks of this vulnerability can result in takeover of MySQL     Enterprise Monitor. (CVE-2023-50164)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Adobe Experience Manager installed on the remote host is prior to 6.5.19.1. It is, therefore, affected by a vulnerability as referenced in the APSB23-77 advisory.

  - An attacker can manipulate file upload params to enable paths traversal and under some circumstances this     can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are     recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
    (CVE-2023-50164)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Apache Struts installed on the remote host is prior to 2.5.33 or 6.3.0.2. It is, therefore, affected by a vulnerability as referenced in the S2-066 advisory.

  - An attacker can manipulate file upload params to enable paths traversal and under some circumstances this     can lead to uploading a malicious file which can be used to perform Remote Code Execution.
    (CVE-2023-50164)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
189239	Oracle MySQL Enterprise Monitor (January 2024 CPU)	Nessus	CGI abuses	critical
187667	Adobe Experience Manager 6.0.0.0 < 6.5.19.1 Arbitrary code execution (APSB23-77)	Nessus	Misc.	critical
187166	Cisco Identity Services Engine RCE (cisco-sa-struts-C2kCMkmT)	Nessus	CISCO	critical
186643	Apache Struts 2.5.0 < 2.5.33 / 6.0.0 < 6.3.0.2 Remote Code Execution (S2-066)	Nessus	Misc.	critical

Detections

Analytics

CVE-2023-50164

critical

Tenable Plugins

critical

critical

critical

critical