Skip to main content
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    Struts2 vulnerabilities


    • Product: Aleph
    • Product Version: 20, 21, 22, 23
    • Relevant for Installation Type: Dedicated-Direct, Direct, Local, Total Care



    We have been alerted to a significant increase in scanning for a critical vulnerability to Apache Struts2: 

    Can we confirm that public facing systems hosted with Exlibris (Aleph's apache, primo, sfx, verde, metalib) are not vulnerable to this attack? 


    The Ex Libris Security Officer has replied: "Ex Libris has been made aware of a recently discovered vulnerability in STRUTS2. THIS VULNERABILITY DOES NOT AFFECT EX LIBRIS PRODUCTS. As a precaution, Ex Libris has blocked the signature for this vulnerability in Ex libris Cloud and Hosted vulnerability protection systems." 



    • Article last edited: 12-Mar-2017