Security Update:Apache Released HIGH Security Update for Apache Struts
Status Type
Security Update
Date and Time
Monday, March 13, 2017 - 12:04
Reason
Security Update
Impact
Apache Strut Users
WHAT HAPPENED?
The Apache Software Foundation has released security updates to address a HIGH vulnerability in Struts 2.
Advanced Users: For a complete description of the security enhancements, software enhancements and affected software refer to Apache Security Bulletin S2-045 at https://cwiki.apache.org/confluence/display/WW/S2-045.
AFFECTED SYSTEMS:
- Struts 2.3.5 - Struts 2.3.31
- Struts 2.5 - Struts 2.5.10
WHAT’S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to control of an affected system.
HOW DO I PROTECT MY WEB SITE?
- Users and administrators are encouraged to review the Apache Security Bulletin S2-045 at https://cwiki.apache.org/confluence/display/WW/S2-045
- Upgrade to Struts 2.3.32 or Struts 2.5.10.1
RELATED LINKS
- IT Security - https://it.ucsf.edu/security
- 2004 reads
- Printer-friendly version
- PDF version