Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 manovikas muduganti (manovikasm)
asurion

asurion
US
manovikasm Member since 2016 4 posts
asurion
Posted: Sep 12, 2017
Last activity: Sep 13, 2017
Posted: 12 Sep 2017 22:46 EDT
Last activity: 13 Sep 2017 3:07 EDT
Closed

Is prpc 7.1.9 vulnerable to struts CVE-2017-5638

Is prpc 7.1.9 vulnerable to struts CVE-2017-5638

To see attachments, please log in.
Security

  • Shivakumar Hugar
Posted: 7 years ago
Posted: 13 Sep 2017 3:07 EDT
Shubham Shekhar (Shekhar_Shubham) Senior Solutions Engineer
Pegasystems Inc.
IN

Hi,

According to apache security Advisory S2-045/CVE-2017-5638 for Apache struts 2  and on these versions.2.3.5-2.3.31 and 2.5-2.5.10 

SMA is using struts2 as its 3rd party library.
PRPC 7.1.8 seems to use  this
I think these are also applied.
PRPC 7.1.9
PRPC 7.2
PRPC 7.2.1
HFix-32973 was provoided for 7.18
This Bug was reported in 7.1.8 and is fixed in 7.3 version

Thank You.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice