"Apache Struts: S2-056 (CVE-2018-1327)" is the number reported in Nexpose Security Report
説明
We have STAT 6.2 Web Server installed and working great. We got report dinged from security team on following "Apache Struts: S2-056 (CVE-2018-1327): Security updates available for Apache Struts -- Vulnerable software installed: Apache Struts 2.3.35"
Looking inside the Stat 6.2 Web Server installed i found following location its present.
Wondering if this is used or its a temp file can be cleaned ? or any other solution?
/u01/stat62/app/standalone/tmp/vfs/temp/temp24189115ca1f211e/stat-config.war-3a7f2c05f3289656/WEB-INF/lib/
ls struts2*2.3.35*
struts2-core-2.3.35.jar
struts2-tiles-plugin-2.3.35.jar
struts2-json-plugin-2.3.35.jar