Severe Security Vulnerability - Apache Struts


Apache Struts


Security researchers at have discovered a critical remote code execution vulnerability in Apache Struts — a popular open-source framework for developing web applications in the Java programming language. All versions of Struts since 2008 are affected; all web applications using the framework’s popular REST plugin are vulnerable. Users are advised to upgrade their Apache Struts components as a matter of urgency. This vulnerability has been addressed in Struts version 2.5.13.
Affected developers are urged to upgrade to Apache Struts version 2.5.13.
The flaw was reported to Apache Struts developers in July, with a patched version of the framework released today.

Recommendation - 

Upgrade Immediately

Apache Struts version 2.5.13


Additional Resources

About Dragonfly

Dragonfly Technologies - Secure Solutions, Simplified
Whether its infrastructure, data or application security, Dragonfly has the technical expertise to assist you in protecting your organisation's most critical assets.

We protect Australia's most security conscious organisations. 

For immediate assistance, contact our team on 1300 663 220 or online