Struts Vulnerability - CVE-2019-0233 and its impact on Identity Manager

IM doesn't use Struts based Action class to carry out file upload process. Rather, it uses custom file upload implementation leveraging Apache Commons library with required validation controls in place. So, it's not possible for an attacker to override access permissions to cause a Denial of Service via a file upload and hence, IM is not exploitable for this vulnerability.