Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Apache Struts2 vulnerability

This thread has been viewed 1 times

  • 1.  Apache Struts2 vulnerability

    Posted Apr 21, 2014 03:21 AM

    Do you have information about Apache Struts2 vulnerability on aruba products?

    Before, ClearPass products have Apache Struts vulnerability.

     

    Is this vulnerability applicable for Aruba Produts?

     

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094



  • 2.  RE: Apache Struts2 vulnerability

    EMPLOYEE
    Posted Apr 21, 2014 06:57 AM

    Aruba controllers run the Apache webserver 2.0.52 and NOT the Apache Struts framework. 



  • 3.  RE: Apache Struts2 vulnerability

    Posted May 12, 2014 03:20 AM

    Thank you for your info.

    How about ClearPass and AirWave?

     

    Thanks Regards,



  • 4.  RE: Apache Struts2 vulnerability

    Posted May 12, 2014 05:11 AM

    have a look at:

    http://www.arubanetworks.com/support-services/security-bulletins/

     

    it lists only this for clearpass:

    http://www.arubanetworks.com/support/alerts/aid-080113.asc



  • 5.  RE: Apache Struts2 vulnerability

    Posted May 12, 2014 05:18 AM

    Thank you for your info.

    I look that link information, but I can't find the CVE#.

     

    I think this issue is another vulnerability.

    http://www.arubanetworks.com/support/alerts/aid-080113.asc

     

    I need info about CVE-2014-0113.

    http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0113

     

     

    Thanks and Regards,



  • 6.  RE: Apache Struts2 vulnerability
    Best Answer

    Posted May 15, 2014 08:50 PM

    Hey guys,

     

    I got information from this link about this thread.

    http://www.arubanetworks.com/support-services/security-bulletins/

     

    Regards,