Security

Reply
Contributor I
Posts: 23
Registered: ‎02-19-2017

ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638 Struts2

Regarding this exploit highly recommend to apply and also change all clearpass password afterwards, a similar exploit was released a couple of years ago, allowing unauthentied users to get the etc/password file.

 

CVE: CVE-2017-5638

Title
=====
Apache Struts Remote Code Execution Vulnerability
Overview
========
An unauthenticated remote code execution vulnerability in the Apache
Struts 2 package has been publicly reported.  This advisory details
Aruba's exposure to this vulnerability.

 

**Aruba Wireless ACMP / ClearPass ACCP / CCNP Professional **
If a reply addresses your issue, please click on the "Accept as Solution" and "Give Kudos"

Aruba
Posts: 1,548
Registered: ‎06-12-2012

Re: ClearPass 6.5.7 Hotfix Patch for CVE-2017-5638 Struts2

http://community.arubanetworks.com/t5/Security/Clearpass-and-new-struts2-Vulnerability/td-p/290187

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: