DX NetOps

Expand all | Collapse all

CVE-2017-5638 - Struts 2 Vulnerability

  • 1.  CVE-2017-5638 - Struts 2 Vulnerability

    Posted 09-12-2017 08:41 AM

    As I am sure everyone is fully aware by now regarding the very large data breach at Equifax utilizing vulnerabilty CVE-2017-5638 within Struts 2.

     

    As a response, we looked into CA Spectrum 10.x releases to see if we are vulnerable with the version we ship.

    Turns out, we are NOT vulnerable in 10.2.1, but are in previous versions.

     

    Please see this KB for details:

     

    https://support.ca.com/us/knowledge-base-articles.TEC1950433.html 

     

    (Note: This was just written, it may take a few minutes to populate to the support.ca.com website)



  • 2.  Re: CVE-2017-5638 - Struts 2 Vulnerability

    Posted 09-12-2017 08:47 AM

    Also for customers running CAPC / CAPM - it is not affected:

     

    Does CVE-2017-9805 afect CAPM