The CVE-2023-34149 and CVE-2023-50164 vulnerabilities exist in Apache Struts version 2.0.0 to 2.5.32.
Apache struts2-2.5.26 version (VIP EG 9.9.x) and Apache struts2-2.5.30 version (VIP EG 9.10.x) exist in the install directory of the VIP Enterprise Gateway.
VIP Enterprise Gateway on Windows or Linux
Note: Struts2 version 2.5.33 is included in VIP Gateway 9.11.0
If you wish to stay on a lower version of VIP Gateway at this time, then whenever possible, upgrade to VIP EG 9.10.3 (Windows) or 9.10.2 (Linux) before applying this fix.