About Apache Struts security alert CVE-2017-5638 and its impact on Adobe LiveCycle and AEM Forms JEE applications

Apache issued a security alert CVE-2017-5638 stating that Apache Struts, versions 2.3.5 – 2.3.31 and 2.5 – 2.5.10, are vulnerable to remote attack while uploading files on Jakarta-based file upload Multipart parser. However, it is fixed in the succeeding Apache Struts versions 2.3.32 and 2.5.10.1.

The alert also clarifies that there are no backward compatibility issues that affect previous Apache Struts versions. Therefore, the vulnerability does not impact Adobe LiveCycle and AEM Forms on JEE customers as they use Apache Struts 1.2.x.

Questo prodotto è concesso in licenza in base alla licenza di Attribuzione-Non commerciale-Condividi allo stesso modo 3.0 Unported di Creative Commons.  I post su Twitter™ e Facebook non sono coperti dai termini di Creative Commons.

Note legali   |   Informativa sulla privacy online