SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    Apache Struts Flaw Reportedly Exploited in Equifax Hack
Date    Tuesday September 12 2017, @06:26AM
Author    Fnord666
Topic   
from the oops dept.
https://soylentnews.org/article.pl?sid=17/09/11/2147223

MrPlow writes:

Submitted via IRC for SoyCow1937

A vulnerability affecting the Apache Struts 2 open-source development framework was reportedly used to breach U.S. credit reporting agency Equifax and gain access to customer data.

Equifax revealed last week that hackers had access to its systems between mid-May and late July. The incident affects roughly 143 million U.S. consumers, along with some individuals in the U.K. and Canada.

The compromised information includes names, social security numbers, dates of birth, addresses and, in some cases, driver's license numbers. The credit card numbers of roughly 209,000 consumers in the United States and dispute documents belonging to 182,000 people may have also been stolen by the attackers.

Equifax only said that "criminals exploited a U.S. website application vulnerability to gain access to certain files." However, financial services firm Baird claimed the targeted software was Apache Struts, a framework used by many top organizations to create web applications.

"Our understanding is that data entered (and retained) through consumer portals/interactions (consumers inquiring about their credit reports, disputes, etc.) and data around it was breached via the Apache Struts flaw," Baird said in a report.

Some jumped to conclude that it was the recently patched and disclosed CVE-2017-9805, a remote code execution vulnerability that exists when the REST plugin is used with the XStream handler for XML payloads. This flaw was reported to Apache Struts developers in mid-July and it was addressed on September 5 with the release of Struts 2.5.13.

The security hole is now being exploited in the wild, but there had been no evidence of exploitation before the patch was released.

Source: http://www.securityweek.com/apache-struts-flaw-reportedly-exploited-equifax-hack

Original Submission

Links
  1. "MrPlow" - https://soylentnews.org/~MrPlow/
  2. "hackers had access to its systems" - http://www.securityweek.com/equifax-breach-143-million-affected-hack-us-credit-agency-equifax
  3. "report" - https://baird.bluematrix.com/docs/pdf/dbf801ef-f20e-4d6f-91c1-88e55503ecb0.pdf
  4. "jumped to conclude" - https://qz.com/1073221/the-hackers-who-broke-into-equifax-exploited-a-nine-year-old-security-flaw/
  5. "remote code execution vulnerability" - http://www.securityweek.com/exploit-available-critical-apache-struts-vulnerability
  6. "exploited in the wild" - http://www.securityweek.com/hackers-exploit-recently-patched-apache-struts-flaw
  7. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=22229
© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, Apache Struts Flaw Reportedly Exploited in Equifax Hack on 2024-05-03 09:39:04