05-13-2014 07:48 PM
ClearPass fixes for Struts security vulnerabilities are now available for versions 6.1.4, 6.2.6 and 6.3.0/6.3.1 The security vulnerabilities addressed in the patches are CVE-2014-0094, CVE-2014-0050, CVE-2014-0112, CVE-2014-0113. Please review the attached README document for more information.
Individual patches are available for ClearPass 6.1.4 and 6.2.6. For versions 6.3.1, the fixes are part of the latest cumulative update 6.3.2. There is no separate security patch available for these versions. Users should install the cumulative update 6.3.2 to obtain these fixes.
For ClearPass 6.1.4 and 6.2.6 please review the README for prerequisites before installing the patch. Customers can install the patches from the Software Updates screen in ClearPass UI. The patches are also available for offline download and install from our support site (support.arubanetworks.com) at the following locations.
- ClearPass 6.1.4 : Downloads > ClearPass > Policy Manager > Archives > 6.1.0 > Patches > ClearPass 6.1.4 Struts security vulnerability
- ClearPass 6.2.6 : Downloads > ClearPass > Policy Manager > Archives > 6.2.0 > Patches > ClearPass 6.2.6 Struts security vulnerability
- ClearPass 6.3.0/6.3.1 : Downloads > ClearPass > Policy Manager > Current Release > 6.3.0 > Patches > ClearPass 6.3.2 Cumulative Update
--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.