IBM Security Bulletin: The IBM FlashSystem V840 product model numbers AC0 and AC1 nodes are affected by vulnerabilities in Apache’s Struts library (CVE-2014-7809)
Apache Struts could potentially allow a remote attacker to bypass security restrictions, caused by predictable tokens. CVE(s): CVE-2014-7809 Affected product(s) and affected version(s): FlashSystem V840 including machine type...
from IBM Product Security Incident Response Team http://ift.tt/1DKOYjn
from IBM Product Security Incident Response Team http://ift.tt/1DKOYjn