CVE-2024-53677 critical vulnerability affecting Apache Struts2 below 6.4.0
search cancel

CVE-2024-53677 critical vulnerability affecting Apache Struts2 below 6.4.0

book

Article ID: 384344

calendar_today

Updated On:

Products

Service Virtualization

Issue/Introduction

Is DevTest affected by CVE-2024-53677, critical vulnerability affecting Apache Struts2 below 6.4.0

Environment

Service Virtualization 10.7.2, 10.8.0, 10.8.1

Resolution

DevTest components don’t use Struts Framework, so they are not affected by this security vulnerability CVE-2024-53677.

We use Struts2 v2.5.33 in the latest DemoServer v10.8.1 only, but it is also not affected (i.e. any application not using FileUploadInterceptor are safe.) 

Additional Information

External references:

Powered by Wolken Software