it.ucsf.edu

Security Update:The Apache Software Foundation has released two medium security bulletins to address vulnerabilities in Apache Struts

Status Type

Security Update

Date and Time

Tuesday, December 5, 2017 - 13:34

Reason

Security Update

Impact

Apache Struts users

WHAT HAPPENED?

The Apache Software Foundation has released two medium security bulletins to address vulnerabilities in Apache Struts.

 

Advanced Users: For a complete description of the security advisory go to:

 

AFFECTED SYSTEMS:

  • Apache Struts versions 2.5 to 2.5.14

 

WHAT’S THE PROBLEM?

Exploitation of one of these vulnerabilities could allow an attacker to control of an affected system.

 

HOW DO I PROTECT MY WEB SITE?

  • Users and administrators are encouraged to review the Apache Security bulletins listed above and upgrade to Struts 2.5.14.1.

 

RELATED LINKS