U.S. Flag Official website of the Department of Homeland Security

Apache Software Foundation Releases Security Update

TLP:WHITE
Original release date: September 06, 2017 | Last revised: September 11, 2017

The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system.

US-CERT encourages users and administrators to review the Apache Security Bulletin and Vulnerability Note VU#112992 and upgrade to Struts 2.5.13 or 2.3.34.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top