Is the R12.52 SP1 Agent for SharePoint (SPS) vulnerable to CVE-2017-5638, and if so what CR's?

book

Article ID: 15361

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



Is the R12.52 SP1 Agent for SharePoint (SPS) vulnerable to CVE-2017-5638, and if so what CR's? 

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638 

Environment

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component:

Resolution

This vulnarability is affecting versions of the Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1, since it mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017.
 
As MANIFEST.MF states as following, the Struts version is 1.2.9. So,we may conclude SiteMinder is not affected by this CVE.

>Specification-Title: Struts Framework
>Specification-Vendor: The Apache Software Foundation
>Specification-Version: 1.2.9
 

>Specification-Title: Struts Framework
>Specification-Vendor: The Apache Software Foundation
>Specification-Version: 1.2.9