Jump to content


Recommended Posts

3 of our domain controllers are showing a security vulnerability of CVE-2017-5638.Struts2.

Currently showing as 'detected'. What action should I be taking?


Link to comment
Share on other sites

  • Administrators

Please refer to https://forum.eset.com/topic/19223-cve-2017-5638struts2-being-reported-on-server-without-apache2-or-java/. Detected means that it was also blocked. What you can do is block remote IP addresses from which the attack attempt was performed on a firewall.

Link to comment
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...