According to Equifax the data breach that exposed sensitive data of 143 million people was caused by exploiting a vulnerability in Apache struts web framework which is used to build its web application.
According to Equifax the data breach that exposed sensitive data of 143 million people was caused by exploiting a vulnerability in Apache struts web framework which is used to build its web application. The vulnerability (CVE-2017-5638) was fixed by Apache back in the early march itself. Equifax says, the breach happened in the middle of may which means the Equifax team failed to patch the vulnerability even though the patch was available. “Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cyber security firm to determine what information was accessed and who has been impacted. We know that criminals exploited a U.S. website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638. We continue to work with law enforcement as part of our criminal investigation and have shared indicators of compromise with law enforcement.” company said in an updated post on their website. CVE-2017-5638 was a zero day vulnerability discovered by Cisco's Threat intelligence firm Talos in Apache's struts web application framework. The vulnerability in the Apache struts web framework was fixed on March 6, and three days later, the attackers started exploiting the flaw to install a rogue application on web servers. Apache struts is a free, open source MVC framework used for developing Java web applications which run on both frontend and backend web servers. It is used across the fortune 100 companies develop web applications in Java.