it.ucsf.edu

Security Update:Apache Released HIGH Security Update for Apache Struts

Status Type

Security Update

Date and Time

Monday, March 13, 2017 - 12:04

Reason

Security Update

Impact

Apache Strut Users

 

WHAT HAPPENED?
The Apache Software Foundation has released security updates to address a HIGH vulnerability in Struts 2.

Advanced Users: For a complete description of the security enhancements, software enhancements and affected software refer to Apache Security Bulletin S2-045 at https://cwiki.apache.org/confluence/display/WW/S2-045.


AFFECTED SYSTEMS:

  • Struts 2.3.5 - Struts 2.3.31
  • Struts 2.5 - Struts 2.5.10


WHAT’S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to control of an affected system.


HOW DO I PROTECT MY WEB SITE?

 

RELATED LINKS