Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 manovikas muduganti (manovikasm)
asurion

asurion
US
manovikasm Member since 2016 4 posts
asurion
Posted: Sep 12, 2017
Last activity: Sep 13, 2017
Posted: 12 Sep 2017 22:46 EDT
Last activity: 13 Sep 2017 3:07 EDT
Closed

Is prpc 7.1.9 vulnerable to struts CVE-2017-5638

Is prpc 7.1.9 vulnerable to struts CVE-2017-5638

To see attachments, please log in.
Security

  • Shivakumar Hugar
Posted: 8 years ago
Posted: 13 Sep 2017 3:07 EDT
Shubham Shekhar (Shekhar_Shubham) Senior Solutions Engineer
Pegasystems Inc.
IN

Hi,

According to apache security Advisory S2-045/CVE-2017-5638 for Apache struts 2  and on these versions.2.3.5-2.3.31 and 2.5-2.5.10 

SMA is using struts2 as its 3rd party library.
PRPC 7.1.8 seems to use  this
I think these are also applied.
PRPC 7.1.9
PRPC 7.2
PRPC 7.2.1
HFix-32973 was provoided for 7.18
This Bug was reported in 7.1.8 and is fixed in 7.3 version

Thank You.

To see attachments, please log in.

Related content:

Related content has not currently been identified for this post.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice