I know we use apache, but I was wondering if the CVE-2017-5638 struts bug has been patched yet? Ive been hit with a couple attacks using that vulnerability and I know thats how equifax was breached, I was wondering if apache is up to date.
Also, is there a way to split updates into “Security” and “Base” updates so that sysadmins can log when specific security patches are deployed?
Not affected by the bug according to this:
https://access.redhat.com/security/cve/CVE-2017-5638
4 Likes