Cisco has released advisories describing Apache Struts 2 vulnerabilities potentially affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the Cisco Security Advisories for more information:
- Apache Struts 2 Remote Code Execution Vulnerability Affecting Multiple Cisco Products: September 2017 cisco-sa-20170909-struts2-rce
- Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017 cisco-sa-20170907-struts2
This product is provided subject to this Notification and this Privacy & Use policy.