CVE-2023-34149

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jun 14, 2023

Updated: Jul 6, 2023

CWE ID 770

Summary

CVE-2023-34149 is a Resource Exhaustion vulnerability affecting Apache Struts versions 2.5.30 and 6.1.2. An attacker could exploit this Allocation of Resources Without Limits or Throttling issue to cause the struts application to consume excessive resources, potentially leading to a Denial of Service condition. To mitigate this vulnerability, it is recommended to upgrade to Apache Struts 2.5.31 or 6.1.2.1 or later versions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apache Software Foundation Struts
Apache Struts
Apache Struts 2.2

Affected Vendors

Apache Software Foundation
Apache Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rn6Zo-
https://www.cve.org/CVERecord?id=CVE-2023-34149
https://nvd.nist.gov/vuln/detail/CVE-2023-34149

Back to Vulnerability Database