"On March 6, 2017, Apache disclosed a vulnerability in the Jakarta multipart parser of Apache Struts could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability has been assigned CVE-ID CVE-2017-5638. " (Cisco Security Advisory)
Attackers are able to exploit this vulnerability remotely by persuading targeted end users to upload a malicious file.
Any workarounds, if available, are documented in the Cisco Bug Search Tool, which can be searched using the "Cisco Bug IDs" listed in the table below.
The following products have been confirmed to be affected by the vulnerability
A list of products that have been confirmed not vulnerable can be found here.
ISSUE Fast Facts:
Q: When did Cisco become aware of this issue?
On March 6, 2017, Apache disclosed a vulnerability in the Jakarta multipart parser used in Apache Struts2.
Q: Does this issue only affect Cisco products?
No, other companies also use this multipart parser. LookingPoint advises customers to check any non-Cisco products they use for possible issues.
Q: Where can I find more information regarding this?
Cisco Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2
Cisco Security Advisories and Alerts: https://tools.cisco.com/security/center/publicationListing.x
Apache Advisory: https://cwiki.apache.org/confluence/display/WW/S2-045
Written By: Eden Penman, LookingPoint Marketing Coordinator