CVE-2016-10917

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2016-10917 is a vulnerability that affects the Apache Struts2 framework, which is widely used for developing enterprise-grade Java web applications. The flaw allows remote attackers to execute arbitrary code on the affected server by sending specially crafted requests to the application. This vulnerability was assigned a severity score of 10 out of 10, indicating the high level of risk posed by the flaw. The vulnerability was first discovered in March 2017, and by May of the same year, cybercriminals launched an attack using this exploit. The attack exploited the vulnerability to deploy ransomware known as "WannaCry," which infected hundreds of thousands of computers worldwide and caused massive disruption. The exploit was also used in other attacks, such as the Equifax data breach, which exposed sensitive personal information of millions of people. Apache Struts2 quickly released a patch to address the vulnerability, urging all users to upgrade their systems immediately. However, many organizations failed to apply the patch promptly, leaving their systems vulnerable to attacks. This incident highlights the importance of promptly applying security patches and keeping software up to date to minimize the risk of exploitation.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2016-10917 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards