Dave Ferguson

New detection for CVE-2017-12611

Discussion created by Dave Ferguson Employee on Sep 25, 2017



A new detection in WAS has been released for CVE-2017-12611.  This CVE is for another serious Apache Struts vulnerability.  In this case, a remote code execution (RCE) is possible when developers have used the wrong construction in Freemarker tags.  You can read the specifics about this flaw and how to remediate it in Apache Security Bulletin S2-053.


QID 150189 was added for this detection in WAS and it has a severity of "5".  Unless you have 100% confidence that you're not exposed, make sure to scan with an option profile that has this QID enabled.  Note that this QID will automatically be included if you're using "Complete" detection scope.