SAP Knowledge Base Article - Preview

3194035 - Impact of Apache Struts Remote Code Execution Vulnerability S2-062 (CVE-2021-31805) on SAP Data Services 14.2

Symptom

On April 12, 2022, the Apache Software Foundation released information (S2-062) on a vulnerability (CVE-2021-31805) in Apache Struts 2. This vulnerability is due to an incomplete fix for the vulnerability (CVE-2020-17530) published in advisory S2-061 on December 8, 2020. A remote attacker leveraging this vulnerability may execute arbitrary code on the server that runs Apache Struts 2.

The following versions of Apache Struts 2 are affected by the vulnerability: Apache Struts 2 - Versions 2.0.0 to 2.5.29. The Apache Software Foundation recommends upgrading to the recently released version of Apache Struts 2 that addresses this vulnerability: Apache Struts 2 - Version 2.5.30. It is backward compatible, so no issues are expected when upgrading to Struts 2.5.30.
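One way to check an unpacked deployment against the version range above (an added example, not part of the SAP article or SAP tooling). It assumes the library is present as a file named after its Maven artifact, `struts2-core-<version>.jar`; the function names and the sample directory layout are hypothetical.

```python
import re
import sys
from pathlib import Path

# Range stated in the article: 2.0.0 to 2.5.29 affected, 2.5.30 fixed.
FIRST_AFFECTED = (2, 0, 0)
FIRST_FIXED = (2, 5, 30)

# Assumption: jars keep the Maven artifact name struts2-core-<version>.jar.
JAR_RE = re.compile(r"^struts2-core-(\d+(?:\.\d+)*)\.jar$")


def parse_version(text):
    """Turn '2.5.29' or '2.3.16.3' into a comparable tuple, padded to 3 parts."""
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (3 - len(parts))


def is_affected(version_text):
    """True when the version falls in 2.0.0 <= v < 2.5.30."""
    return FIRST_AFFECTED <= parse_version(version_text) < FIRST_FIXED


def scan(root):
    """Return sorted (path, version, affected) for each struts2-core jar under root.

    Jars whose name carries a qualifier (for example a vendor suffix) cannot be
    parsed reliably; they are reported with version None and affected None so
    that they are reviewed by hand instead of being skipped.
    """
    findings = []
    for jar in Path(root).rglob("struts2-core-*.jar"):
        match = JAR_RE.match(jar.name)
        if match:
            version = match.group(1)
            findings.append((str(jar), version, is_affected(version)))
        else:
            findings.append((str(jar), None, None))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python check_struts.py <deployment directory>
    for path, version, affected in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        status = {True: "AFFECTED", False: "ok", None: "REVIEW"}[affected]
        print(f"{status:8} {version or '?':10} {path}")
```

The scan only sees jars that exist as files on disk; a copy packed inside an undeployed WAR or EAR archive has to be extracted first.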



Environment

SAP Data Services 4.x

Product

SAP Data Services 4.2

Keywords

(S2-062), (CVE-2021-31805), SAP Data Services, SAP BODS, DS, BODS, Apache, Strut, struts, CVE, 2021, 31805 , KBA , EIM-DS-SVR , Administration/Server , Problem
