Apache Struts Vulnerability (CVE-2017-9805)

Sep 13, 2017
Administrator

This notice is informational only and does not affect ANY of PaperClip's services.

On September 6, 2017, the Apache Foundation released information on three seperate vulnerabilities affecting Apache Struts. One of the vulnerabilities (CVE-2017-9805) takes advantage of a weakness in the Struts REST plugin.

Successful exploitation would allow a remote attacker to execute arbitrary code and potentially take control of the system. The following applications/systems are affected by this vulnerability as listed in the Apache Security Bulletin S2-052 description:

  • Apache Struts 2.1.2 - Struts 2.3.34
  • Apache Struts 2.5 - Struts 2.5.12

Further details regarding this vulnerability can be found on Apache's website:

Apache Struts Security Bulletin – Critical:
https://cwiki.apache.org/confluence/display/WW/S2-052
http://struts.apache.org/docs/s2-052.html

Apache Struts Vulnerability CVE-2017-9805:
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9805

PaperClip Support

CSA

web seal SOC2T2 145

Need Support?
helpdesk@paperclip.com
Phone:
1-800-929-3503
1-201-881-1299
Need Sales?
contactus@paperclip.com
Back to top