https://community.cisco.com/t5/network-access-control/ise-2-2-patch-12-apache-struts-vulnerability/m-p/3775463#M486535 <P>Thanks Jason for your recommendation.</P> <P>&nbsp;</P> <P>Regards,</P> <P>Charles</P> Tue, 08 Jan 2019 21:12:53 GMT chbudima 2019-01-08T21:12:53Z https://community.cisco.com/t5/network-access-control/ise-2-2-patch-12-apache-struts-vulnerability/m-p/3774554#M486530 <P>Hi Team,</P> <P>&nbsp;</P> <P>We have ISE 2.2&nbsp;<SPAN>patch 9 with Apache Struts Hotpatch "ise-apply-CSCvm14030_2.2.0.470_common_1-SPA.tar.gz" installed. The Apache Struts hotpatch was installed from CCO download page to fix Apache Struts vulnerability&nbsp;CVE-2018-11776 back in August 2018.</SPAN></P> <P>&nbsp;</P> <P><SPAN>We need to install ISE 2.2 patch 12 to fix the latest Apache Struts vulnerability&nbsp;CVE-2016-1000031 which announced on Nov 2018.</SPAN></P> <P>&nbsp;</P> <P><SPAN>My query is how to install ISE 2.2 patch 12 in this situation:</SPAN></P> <P><SPAN>Do we need to rollback Apache Struts Hotpatch&nbsp;"ise-apply-CSCvm14030_2.2.0.470_common_1-SPA.tar.gz"&nbsp;first before installing 2.2 patch 12?</SPAN></P> <P><SPAN>Or do we&nbsp;directly install 2.2 patch 12 without uninstall Apache Struts Hotpatch first on top ofISE 2.2&nbsp;patch 9 with Apache Struts Hotpatch "ise-apply-CSCvm14030_2.2.0.470_common_1-SPA.tar.gz"&nbsp;?</SPAN></P> <P>&nbsp;</P> <P><SPAN>Could you please advise ?</SPAN></P> <P>&nbsp;</P> <P><SPAN>Thanks for your help.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Regards,</SPAN></P> <P><SPAN>Charles</SPAN></P> Tue, 08 Jan 2019 01:07:17 GMT https://community.cisco.com/t5/network-access-control/ise-2-2-patch-12-apache-struts-vulnerability/m-p/3774554#M486530 chbudima 2019-01-08T01:07:17Z https://community.cisco.com/t5/network-access-control/ise-2-2-patch-12-apache-struts-vulnerability/m-p/3775141#M486533 <P>Per the TAC and development team, rollback is recommended. There will be no further guidance on this for now</P> <P>&nbsp;</P> Tue, 08 Jan 2019 15:35:30 GMT https://community.cisco.com/t5/network-access-control/ise-2-2-patch-12-apache-struts-vulnerability/m-p/3775141#M486533 Jason Kunst 2019-01-08T15:35:30Z https://community.cisco.com/t5/network-access-control/ise-2-2-patch-12-apache-struts-vulnerability/m-p/3775463#M486535 <P>Thanks Jason for your recommendation.</P> <P>&nbsp;</P> <P>Regards,</P> <P>Charles</P> Tue, 08 Jan 2019 21:12:53 GMT https://community.cisco.com/t5/network-access-control/ise-2-2-patch-12-apache-struts-vulnerability/m-p/3775463#M486535 chbudima 2019-01-08T21:12:53Z