KEV Spotlight: Why CVE-2024-6382 Belongs on Your Critical Vulnerabilities List

Dave Hall

Briefing: High-Priority Vulnerability Update

CISA recently added CVE-2024-6382 to the Known Exploited Vulnerabilities (KEV) catalog. Inclusion in KEV means CISA has evidence that the flaw is being actively exploited in the wild, not merely that a proof of concept exists.


Why This Matters

This vulnerability affects Apache Struts, a Java web application framework still present in many legacy systems.

  • Exploitation allows remote code execution (RCE)

  • No user interaction is required

  • Exploits are already circulating publicly


Affected Versions

  • Apache Struts 2.5.0 to 2.5.31

  • Patched in 2.5.32 (released June 2024)


What You Should Do

  1. Upgrade to Struts 2.5.32 or later

  2. Review any internal or vendor-hosted applications using Apache Struts, including copies of struts2-core bundled inside WAR/EAR files, which package-level inventories often miss

  3. Add CVE-2024-6382 to your Critical Vulnerabilities List

  4. Confirm that your tooling actually detects it via:

    • Vulnerability scanners (e.g., Qualys QID: TBD)

    • External ASM or attack surface tools
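One way to carry out steps 2 and 4 yourself, as an added example that is not code from the original post or from the Apache Struts project: a Python script that inventories struts2-core jars on a host, both loose on disk and packed inside .war/.ear/.jar archives, and flags any version inside the range the post lists (2.5.0 to 2.5.31). The jar name pattern struts2-core-<version>.jar is Maven's artifact convention; the deployment it scans is a constructed fixture built inline; comparing a four-part build such as 2.5.30.1 on its first three components is an assumption of this script.

```python
"""Inventory Apache Struts 2 core jars and flag versions in the affected range.

Added example: not code from the original post or the Struts project.
The affected range (2.5.0 - 2.5.31, fixed in 2.5.32) is taken as stated in the post.
"""
import os
import re
import tempfile
import zipfile
from pathlib import Path

# Range as listed in the post. Four-part builds (e.g. 2.5.30.1) are compared on
# their first three components; that is an assumption of this script.
AFFECTED_MIN = (2, 5, 0)
AFFECTED_MAX = (2, 5, 31)

# Maven artifact naming: struts2-core-<version>.jar
JAR_RE = re.compile(r"struts2-core-(\d+(?:\.\d+)*)\.jar$")


def parse_version(text):
    """'2.5.30' -> (2, 5, 30); pad or truncate to three components for range checks."""
    parts = tuple(int(p) for p in text.split("."))
    return (parts + (0, 0, 0))[:3]


def is_affected(version):
    """True if the version falls inside the range the post lists as vulnerable."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def find_struts_jars(root):
    """Walk `root` and return (location, version, affected) for every struts2-core jar,
    whether it sits loose on disk or is packed inside a .war/.ear/.jar/.zip archive."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        m = JAR_RE.search(path.name)
        if m:  # loose jar on disk
            findings.append((str(path), m.group(1), is_affected(m.group(1))))
            continue
        if path.suffix.lower() in (".war", ".ear", ".jar", ".zip"):
            try:
                with zipfile.ZipFile(path) as archive:
                    for name in archive.namelist():  # jars nested inside the archive
                        m = JAR_RE.search(name)
                        if m:
                            findings.append((f"{path}!{name}", m.group(1), is_affected(m.group(1))))
            except zipfile.BadZipFile:
                continue  # not a real archive; ignore
    return findings


def build_fixture(root):
    """Constructed sample deployment for an offline demo (not real data)."""
    root = Path(root)
    (root / "webapps").mkdir(parents=True, exist_ok=True)
    (root / "lib").mkdir(exist_ok=True)
    with zipfile.ZipFile(root / "webapps" / "legacy.war", "w") as war:
        war.writestr("WEB-INF/lib/struts2-core-2.5.30.jar", b"")   # inside the listed range
        war.writestr("WEB-INF/lib/commons-lang3-3.12.0.jar", b"")  # unrelated jar, ignored
    with zipfile.ZipFile(root / "webapps" / "patched.war", "w") as war:
        war.writestr("WEB-INF/lib/struts2-core-2.5.32.jar", b"")   # the fixed release
    (root / "lib" / "struts2-core-2.5.31.jar").write_bytes(b"")    # last affected version
    (root / "lib" / "struts2-core-2.3.37.jar").write_bytes(b"")    # below the listed range


def demo():
    """Build the fixture, scan it, and return findings with fixture-relative paths."""
    with tempfile.TemporaryDirectory() as tmp:
        build_fixture(tmp)
        base = str(Path(tmp))
        return sorted(
            (loc[len(base):].replace(os.sep, "/"), ver, hit)
            for loc, ver, hit in find_struts_jars(tmp)
        )


if __name__ == "__main__":
    for location, version, affected in demo():
        print(f"{'AFFECTED' if affected else 'ok      '} {version:<9} {location}")
```

Point `find_struts_jars` at an application server's deployment root (for example a Tomcat `webapps` directory) to get the real inventory; anything reported as affected is the list you reconcile against your scanner's findings in step 4, and any host the scanner did not report is a visibility gap.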


Risk Context

  • Added to KEV: June 10, 2024

  • CVSS Score: 9.8 (Critical)

  • Exploitability: Public POCs confirmed

  • Campaigns: Targeting sectors with exposed web applications


Strategic Relevance

This CVE checks all the major boxes for prioritisation:

  • Appears in the CISA KEV catalog

  • Exploitable with real-world consequences

  • Often found in legacy or hard-to-reach systems


This is not a candidate for backlog. It should be addressed immediately as part of your active Critical Vulnerabilities List response.
