Posts by Ciaran McCrisken

1 min Application Security

Apache Struts Vulnerability (CVE-2017-5638) Protection: Scanning with Nexpose

On March 9th, 2017 we highlighted the availability of a vulnerability check in Nexpose for CVE-2017-5638 [https://rapid7.com/db/modules/exploit/multi/http/struts2_content_type_ognl] – see the full blog post describing the Apache Struts vulnerability here [/2017/03/09/apache-jakarta-vulnerability-attacks-in-the-wild]. This check would be performed against the root URI of any HTTP/S endpoints discovered during a scan. On March 10th, 2017 we added an additional check that would work in conjunctio

1 min Nexpose

CVE-2017-3823: Remote Code Execution Vulnerability in Cisco WebEx Browser Plugin

On January 21st 2017, Google's Project Zero disclosed a vulnerability in Cisco's WebEx browser plugin extension that could allow attackers to perform a remote code execution (RCE) exploit on any Windows host running the plugin. An initial fix was pushed out by Cisco that warned a user if they were launching a meeting from a domain other than *.webex.com or *.webex.com.cn, however, the fix was questioned by April King from Mozilla [https://bugs.chromium.org/p/project-zero/issues/detail?id=1096#c

1 min Vulnerability Disclosure

Enhanced vulnerability checks for CVE-2015-4852 and CVE-2015-7501

Back in December 2015, Nexpose added two new potential vulnerability checks: "Remote code execution vulnerability due to unsafe deserialization in Oracle WebLogic Server" (CVE-2015-4852) and "JBoss InvokerTransformer code execution during deserialisation" (CVE-2015-7501). You can read all about it here [/2015/12/19/have-jboss-jenkins-weblogic-websphere-based-applications-brace-yourself-theyve-got-an-unwanted-christmas-present-for-you] . With this week's update, if you scan using credentials, you