Is DX Netops Spectrum 21.2.x vulnerable to CVE-2021-31805?
The Apache Software Foundation has released a security advisory to address a vulnerability in Struts in the version range 2.0.0 to 2.5.29. An attacker could exploit this vulnerability to take control of an affected system.
DX Netops Spectrum 21.2.8 ships with 2.5.26 version of Struts2.
Broadcom is reviewing and assessing if the product is vulnerable. This KB will be updated as more information becomes available.