Apache Struts Multiple Versions Remote Code Execution Vulnerability

Known Exploited Vulnerability

CVE-2017-9805, Apache Struts Multiple Versions Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 contains a vulnerability which can lead to Remote Code Execution.

The following remediation steps are recommended / required by May 3, 2022: Apply updates per vendor instructions.