You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa Apache Struts 2

Sigurnosni nedostaci programskog paketa Apache Struts 2

  • Detalji os-a: WN7
  • Važnost: URG
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017

Advisory ID: cisco-sa-20170907-struts2

Revision: 1.0

For Public Release: 2017 September 7 21:00 GMT

Last Updated: 2017 September 7 21:00 GMT

CVE ID(s): CVE-2017-9793, CVE-2017-9804, CVE-2017-9805

+———————————————————————

Summary
=======
On September 5, 2017, the Apache Software Foundation released security bulletins that disclose three vulnerabilities in the Apache Struts 2 package. Of these vulnerabilities, the Apache Software Foundation classifies one as Critical Severity, one as Medium Severity, and one as Low Severity. For more information about the vulnerabilities, refer to the Details [“#details”] section of this advisory.

Multiple Cisco products incorporate a version of the Apache Struts 2 package that is affected by these vulnerabilities.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2”]

—–BEGIN PGP SIGNATURE—–

iQKBBAEBAgBrBQJZsbsrZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHkl6RAAkS5YpcqIQcXb87LH
IraKAiu9NB8T7TPzq55QR97iIvGFjWzjOgVXpckl5+Zosy2URhzyhIA+bx6CwNVB
sMXuC/4sdvnTVNuSa9XnuEH103t2OBgEArxLMltTjUlgr5a/WFa2prFCzF/EjXu4
ZtJWEEelHahIx5DLC7vZM1fFm/GSysSfTNvvtEkhdITHW3BCprHfQI7M+Ak7RQKj
8jwTv4LAkAzXk6AG7f0oR8fPFyPLI5H93B35ynZgVeEWkJ1SUJ8gKnrzyg2644Qa
UU2sajTyE8Q55YtXY9O0sdA6IpxMuemOvdifEFY5nNyI2p0QBPHyqlsDdSLj1WW9
DljRYJWtbJ7Co6yYMCLDZloGR+h1+00Wt7X/KMgdYzIZ5AS0uFa22V75u35b186y
e+9pg55zpGfORGhf6OnJ0NDo2oCk0P3XyMtYp0tY71gwHHVnqeNK88vWSQWGF6xG
EgwHm8XFaRZYfVlRGpU5iWUf3Iu2ppCX24WO4ocvzVHym3dNpHT3gMgV7T01vQQo
zZUm1pPTFspF4+Jx4Ig+S2J9QbgcS+vMaxTjmDBdzw4dzMdgLkEHPf2irscMmS6f
vw8p7OzWTwBlBI6FBBgZaBX9QESwnF/cvGzJhj6tFr6htWPr7SQTJz5HuceI5bkP
8L4HlilxQSZU7JzSkywBEnYI9K4=
=NNqc
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-09-0048-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa file

Otkriven je sigurnosni nedostatak u programskom paketu file za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada uskraćivanjem...

Close