The Apache Struts vulnerability CVE-2023-50164, with a critical CVSS score of 9.8, poses a significant threat to a wide range of industries. This newly reported vulnerability enables remote code execution, and its exploitation is already evident in the wild.
Apache Struts is an open-source web application framework for developing Java EE web applications. It leverages the Model View Controller (MVC) architecture, which is a widely used design pattern for separating an application's business logic from its user interface.
Considering its widespread usage and adoption in critical industries, any vulnerability in Apache Struts is looked upon with high priority by enterprises. In the past, attackers have exploited the struts' vulnerabilities to target large enterprise organizations as well. The Equifax breach in 2017 happened because of exploitation of Apache Struts CVE-2017-5638 vulnerability.
In this blog, we reveal the details about the vulnerability and the nature of CVE-2023-50164, its potential impacts, and the immediate actions required to mitigate this critical threat, offering insights and solutions to help secure your digital infrastructure against this alarming security lapse.
Article Link: Apache Struts Vulnerability CVE-2023-50164: Cybersecurity Advisory