About Apache Struts security alert CVE-2017-5638 and its impact on Adobe LiveCycle and AEM Forms JEE applications

Apache issued a security alert CVE-2017-5638 stating that Apache Struts, versions 2.3.5 – 2.3.31 and 2.5 – 2.5.10, are vulnerable to remote attack while uploading files on Jakarta-based file upload Multipart parser. However, it is fixed in the succeeding Apache Struts versions 2.3.32 and 2.5.10.1.

The alert also clarifies that there are no backward compatibility issues that affect previous Apache Struts versions. Therefore, the vulnerability does not impact Adobe LiveCycle and AEM Forms on JEE customers as they use Apache Struts 1.2.x.

Šis darbs ir licencēts saskaņā ar Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported licenci  Uz portālā Twitter™ un Facebook izvietotajiem ziņojumiem neattiecas Creative Commons sistēmas noteikumi.

Juridisks paziņojums   |   Tiešsaistes konfidencialitātes politika