Cisco issues critical warning around Apache Struts2 vulnerability

Cisco’s security team today called the weakness in Apache Struts “critical” and is evaluating many its products to assess the impact.

The company said it will publish a list of vulnerable products here as it learns of them.

Earlier this week Apache revealed a vulnerability in the Jakarta multipart parser used in Apache Struts2 that could let an attacker execute commands remotely on the targeted system using what’s known as acrafted Content-Type header value.

-More on Network World: Cisco’s Jasper deal – one year, 18 million new IoT devices later, challenges remain+

To read this article in full or to leave a comment, please click here