https://community.cisco.com/t5/network-access-control/struts2-cve-2017-5638/m-p/3548809#M517060 <HTML><HEAD></HEAD><BODY><P>No, not needed. The CVE is associated with CSCvd49829 and the fix has been integrated into 2.2 Patch 1.</P></BODY></HTML> Mon, 14 May 2018 19:51:09 GMT hslai 2018-05-14T19:51:09Z https://community.cisco.com/t5/network-access-control/struts2-cve-2017-5638/m-p/3548808#M517057 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I'm going to patch 8 in several months. Does <STRONG>2.2.0.470 with Patch 8</STRONG> deployment still need Struts2 CVE-2017-5638 fix, aka "<SPAN class="pointer text-darkgreen">ise-applystrutsfix-signed.x86_64.tar.gz"</SPAN>?</P><P></P><P>Thanks.</P></BODY></HTML> Mon, 14 May 2018 19:44:39 GMT https://community.cisco.com/t5/network-access-control/struts2-cve-2017-5638/m-p/3548808#M517057 Ping Zhou 2018-05-14T19:44:39Z https://community.cisco.com/t5/network-access-control/struts2-cve-2017-5638/m-p/3548809#M517060 <HTML><HEAD></HEAD><BODY><P>No, not needed. The CVE is associated with CSCvd49829 and the fix has been integrated into 2.2 Patch 1.</P></BODY></HTML> Mon, 14 May 2018 19:51:09 GMT https://community.cisco.com/t5/network-access-control/struts2-cve-2017-5638/m-p/3548809#M517060 hslai 2018-05-14T19:51:09Z