Does vulnerability (S2-016) of Apache Struts and vulnerability (CVE-2013-2251) of Apache Struts2 affect products of intra-mart?

 
[Answer]
 ------------------------------------------------------------- 
 Alert related to vulnerability (S2-016) of Apache Struts
    http://www.jpcert.or.jp/at/2013/at130033.html (Japanese)
 Verification report related to vulnerability (CVE-2013-2251) which any Java code is executed due to defect of prefix parameter process of Apache Struts2
    http://www.intellilink.co.jp/article/vulner/130723.html (Japanese)
 ------------------------------------------------------------- 

  We provide the development model using SAStruts framework in intra-mart Accel Platform.
  The version of Struts framework included in SAStruts framework is 1.2.9.
  Struts2 which became a problem this time is originally based on a framework named WebWork2, and it is a different framework from Struts1.2.x.
  Therefore, there is no effect on this alert in intra-mart Accel Platform which does not adopt Struts2.

-- Target ----------------------------------------------------------------------
iAP/Accel Platform/All Updates
-------------------------------------------------------------------------------- 



FAQID:25
Was this article helpful?
0 out of 0 found this helpful
Powered by Zendesk