About Apache Struts security alert CVE-2017-5638 and its impact on Adobe LiveCycle and AEM Forms JEE applications

Apache issued a security alert CVE-2017-5638 stating that Apache Struts, versions 2.3.5 – 2.3.31 and 2.5 – 2.5.10, are vulnerable to remote attack while uploading files on Jakarta-based file upload Multipart parser. However, it is fixed in the succeeding Apache Struts versions 2.3.32 and 2.5.10.1.

The alert also clarifies that there are no backward compatibility issues that affect previous Apache Struts versions. Therefore, the vulnerability does not impact Adobe LiveCycle and AEM Forms on JEE customers as they use Apache Struts 1.2.x.

本产品经 Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License 许可  Twitter™ 与 Facebook 中的内容不在 Creative Commons 的条款约束之下。

法律声明   |   在线隐私策略