5th Nov 2018 – Apache Releases Security Advisory for Apache Struts. Is there any concern by Cisco?

US-CERT urge that stay alert for the former Apache Struts design weakness (CVE-2016-1000031 – Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution)

See whether does it effect cisco products?
Since this vulnerability just happened yesterday. And therefore no response from Vendor (Cisco) in the moment.

For details about this vulnerability. Please refer below URL for reference.

http://mail-archives.us.apache.org/mod_mbox/www-announce/201811.mbox/%3CCAMopvkMo8WiP%3DfqVQuZ1Fyx%3D6CGz0Epzfe0gG5XAqP1wdJCoBQ%40mail.gmail.com%3E

Status update – Cisco 7th Nov 2018 Apache Struts Commons FileUpload Library Remote Code Execution Vulnerability Affecting Cisco Products: November 2018:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-struts-commons-fileupload

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.