Question

6
Replies
340
Views
CleberS2 Member since 2017 5 posts
Dell Computadores DO Brasil Ltda
Posted: 3 years ago
Last activity: 3 years ago
Closed
Solved

PRPC SMA v7.1.7 Apache Struts Vulnerability

We are using PRPC System Management version 7.1.7 and there are some vulnerabilities known for Apache Struts in this current version:

The vulnerability is a programming blunder that resides in the way Struts processes data from an untrusted source. Specifically, Struts REST plugin fails to handle XML payloads while reserializing them properly.All versions of Apache Struts since 2008 (Struts 2.1.2 - Struts 2.3.33, Struts 2.5 - Struts 2.5.12) are affected, leaving all web applications using the framework’s REST plugin vulnerable to remote attackers.

Will update SMA to version 7.2.2 prevent us to have this issue, once Apache Struts version 2.5.13 already resolve this problem?

The resolution for this issue would be to update Apache Struts to version 2.5.13 or to remove Struts REST plugin. Can someone help me on this question?

Security
Moderation Team has archived post
Share this page LinkedIn