Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017

On September 5, 2017, the Apache Software Foundation released security bulletins that disclose three vulnerabilities in the Apache Struts 2 package. Of these vulnerabilities, the Apache Software Foundation classifies one as Critical Severity, one as Medium Severity, and one as Low Severity. For more information about the vulnerabilities, refer to the Details section of this advisory.

Multiple Cisco products incorporate a version of the Apache Struts 2 package that is affected by these vulnerabilities.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:
http://ift.tt/2ePwVJl On September 5, 2017, the Apache Software Foundation released security bulletins that disclose three vulnerabilities in the Apache Struts 2 package. Of these vulnerabilities, the Apache Software Foundation classifies one as Critical Severity, one as Medium Severity, and one as Low Severity. For more information about the vulnerabilities, refer to the Details section of this advisory.

Multiple Cisco products incorporate a version of the Apache Struts 2 package that is affected by these vulnerabilities.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:
http://ift.tt/2ePwVJl
Security Impact Rating: Critical
CVE: CVE-2017-9793,CVE-2017-9804,CVE-2017-9805

from Cisco Security Advisory http://ift.tt/2ePwVJl