Get a Pentest and security assessment of your IT network.

News

VMware catches up with some Apache Struts patches, but not all

Apache Struts has been updated to version 2.3.16.2 to address multiple security issues. A fix for a remote code execution vulnerability was found to be insufficient and could be bypassed. A new fix addressed a medium-risk exploit that could have allowed attackers to manipulate the internal state of sessions and requests. The fix also addressed a denial-of-service vulnerability tracked as CVE-2014-0050 that was originally patched in Struts 2.2.1. Another product called vCenter Orchestrator (vCOps) is affected only by the denial of service issue.”]

Source: https://www.csoonline.com/article/2411080/vmware-catches-up-with-some-apache-struts-patches-but-not-all.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2