Security

Reply
Highlighted
Contributor I

ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638 Struts2

Regarding this exploit highly recommend to apply and also change all clearpass password afterwards, a similar exploit was released a couple of years ago, allowing unauthentied users to get the etc/password file.

 

CVE: CVE-2017-5638

Title
=====
Apache Struts Remote Code Execution Vulnerability
Overview
========
An unauthenticated remote code execution vulnerability in the Apache
Struts 2 package has been publicly reported.  This advisory details
Aruba's exposure to this vulnerability.

 

**Aruba Wireless ACMP / ClearPass ACCP / CCNP Professional **
If a reply addresses your issue, please click on the "Accept as Solution" and "Give Kudos"

Aruba

Re: ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638 Struts2

http://community.arubanetworks.com/t5/Security/Clearpass-and-new-struts2-Vulnerability/td-p/290187

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: