Cleber Souza (CleberS2)
Dell Computadores DO Brasil Ltda

Dell Computadores DO Brasil Ltda
CleberS2 Member since 2017 5 posts
Dell Computadores DO Brasil Ltda
Posted: September 8, 2017
Last activity: October 13, 2017
Posted: 8 Sep 2017 16:17 EDT
Last activity: 13 Oct 2017 9:22 EDT

PRPC SMA v7.1.7 Apache Struts Vulnerability

We are using PRPC System Management version 7.1.7 and there are some vulnerabilities known for Apache Struts in this current version:

The vulnerability is a programming blunder that resides in the way Struts processes data from an untrusted source. Specifically, Struts REST plugin fails to handle XML payloads while reserializing them properly. All versions of Apache Struts since 2008 (Struts 2.1.2 - Struts 2.3.33, Struts 2.5 - Struts 2.5.12) are affected, leaving all web applications using the framework’s REST plugin vulnerable to remote attackers.

Will update SMA to version 7.2.2 prevent us to have this issue, once Apache Struts version 2.5.13 already resolve this problem?

The resolution for this issue would be to update Apache Struts to version 2.5.13 or to remove Struts REST plugin. Can someone help me on this question?

Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.