Apache Struts setup in Debug-Mode
Apache Struts system was detected in debug mode.
- logs
- struts
- apache
- exposure
- setup
Apache Struts is a lightweight framework designed to provide basic structure for web applications. It is used to develop complex web applications that require independent modules to build. In the debug mode, Struts shows the information that is logged by the system. This will give the attacker a chance to get the information regarding the configuration of the system, which can be used to carry out a number of attacks.
Impact
It is possible that an attacker can extract the configuration and other sensitive information from production servers and then use it as a starting point for other attacks.
Solution
If the web application is not in production, disable “Debug Mode”.
Was this page helpful?