it.ucsf.edu

Security Update:The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Struts

Status Type

Security Update

Date and Time

Tuesday, November 6, 2018 - 11:48

Reason

Security update

Impact

Apache Struts users

WHAT HAPPENED?

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Struts.

 

Advanced Users: For a complete description of the security advisory go to:

 

AFFECTED SYSTEMS:

  • Struts 2.3.36 and prior

 

WHAT’S THE PROBLEM?

Exploitation of this vulnerability could allow an attacker to take control of an affected system.

 

HOW DO I PROTECT MY WEB SITE

  • Upgrade to Struts 2.3.36and upgrade to the latest released version of Commons File Upload library, which is currently 1.3.3.

 

RELATED LINKS