Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
"Apache Struts: S2-056 (CVE-2018-1327)" is the number reported in Nexpose Security Report
Description
We have STAT 6.2 Web Server installed and working great. We got report dinged from security team on following "Apache Struts: S2-056 (CVE-2018-1327): Security updates available for Apache Struts -- Vulnerable software installed: Apache Struts 2.3.35"
Looking inside the Stat 6.2 Web Server installed i found following location its present.
Wondering if this is used or its a temp file can be cleaned ? or any other solution?
/u01/stat62/app/standalone/tmp/vfs/temp/temp24189115ca1f211e/stat-config.war-3a7f2c05f3289656/WEB-INF/lib/
ls struts2*2.3.35*
struts2-core-2.3.35.jar
struts2-tiles-plugin-2.3.35.jar
struts2-json-plugin-2.3.35.jar
Sign In Required
You need to be signed in and under a current maintenance contract to view premium knowledge articles.
Your Request will be reviewed by our technical reviewer team and, if approved, will be added as a Topic in our Knowledgebase.
Welcome to Quest Support
You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.
The Quest Software Portal no longer supports IE8, 9, & 10 and it is recommended to upgrade your browser to the latest version of Internet Explorer or Chrome.