About Apache Struts security alert CVE-2017-5638 and its impact on Adobe LiveCycle and AEM Forms JEE applications

Apache issued a security alert CVE-2017-5638 stating that Apache Struts, versions 2.3.5 – 2.3.31 and 2.5 – 2.5.10, are vulnerable to remote attack while uploading files on Jakarta-based file upload Multipart parser. However, it is fixed in the succeeding Apache Struts versions 2.3.32 and 2.5.10.1.

The alert also clarifies that there are no backward compatibility issues that affect previous Apache Struts versions. Therefore, the vulnerability does not impact Adobe LiveCycle and AEM Forms on JEE customers as they use Apache Struts 1.2.x.

Dit werk is gelicentieerd onder de Creative Commons Naamsvermelding/Niet-commercieel/Gelijk delen 3.0 Unported-licentie  De voorwaarden van Creative Commons zijn niet van toepassing op Twitter™- en Facebook-berichten.

Juridische kennisgevingen   |   Online privacybeleid