CVE-2021-25749

Vulnerability Profile Updated 3 months ago
CVE-2021-25749 is a vulnerability that affects the popular open-source web application framework, Apache Struts. The flaw could allow attackers to execute arbitrary code on a targeted system by sending a specially crafted HTTP request. The vulnerability was rated as critical, with a CVSS score of 9.8 out of 10. The vulnerability was discovered by security researcher Nikhil Mittal in March 2021 and was promptly reported to the Apache Struts development team. A patch was released on April 24, 2021, which addressed the issue. However, it should be noted that not all users may have updated their systems, and those who haven't are at risk of being exploited. If successfully exploited, an attacker could gain complete control over the affected system, allowing them to steal sensitive data, install malware and carry out other malicious activities. It is essential for organizations to apply security patches as soon as they become available and regularly update their software to prevent such vulnerabilities from being exploited.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the CVE-2021-25749 Vulnerability was read from the documents corpus below.
Source | Created At | Title
CERT-EU | a year ago | SUSE update for kubernetes1.23