IBM Security Bulletin:Vulnerability in Apache Struts affects Storwize V7000 Unified (CVE-2017-5638)
A vulnerability in the Apache Struts component affects the Service Assistant GUI of Storwize V7000 Unified allowing arbitrary code execution. The Command Line Interface is unaffected.
CVE(s): CVE-2017-5638
Affected product(s) and affected version(s):
IBM Storwize V7000 Unified
The product is affected when running code releases 1.5.x and 1.6.0.0 to 1.6.2.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gzmUgN
X-Force Database: http://ift.tt/2m6OQ0m
The post IBM Security Bulletin:Vulnerability in Apache Struts affects Storwize V7000 Unified (CVE-2017-5638) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2gzZx71