CVE-2012-0391 — Apache Struts 2 Improper Input Validation Vulnerability
2022-01-21 • CISA Known Exploited Vulnerability
[event] The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Apache |
| Product | Struts 2 |
| CWE | CWE-20 |
| CVE ID | CVE-2012-0391 |
| Date Added | 2022-01-21 |
| Due Date | 2022-07-21 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-07-21