- Product: Aleph
- Product Version: 20, 21, 22, 23
- Relevant for Installation Type: Dedicated-Direct, Direct, Local, Total Care
We have been alerted to a significant increase in scanning for a critical vulnerability to Apache Struts2:
Can we confirm that public facing systems hosted with Exlibris (Aleph's apache, primo, sfx, verde, metalib) are not vulnerable to this attack?
The Ex Libris Security Officer has replied: "Ex Libris has been made aware of a recently discovered vulnerability in STRUTS2. THIS VULNERABILITY DOES NOT AFFECT EX LIBRIS PRODUCTS. As a precaution, Ex Libris has blocked the signature for this vulnerability in Ex libris Cloud and Hosted vulnerability protection systems."
- Article last edited: 12-Mar-2017