Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
383
Views
5
Helpful
1
Replies

TMS Struts Jakarta Vulnerability ( CVE-2017-5638 )

Steve.Milosevic
Level 1
Level 1

‎03-26-2017 04:56 PM - edited ‎03-18-2019 12:55 PM

Afternoon Folks,

I have 50 MX/SX endpoints and all communicate to a TMS Server 13.2.2.  Gov IT had scanned the TMS server (Windows) and found that it's vulnerable to the Struts Jakarta access (CVE-2017-5638).  What do I need to know to correct this, it appears everywhere I look it's a difficult solution.

Thanks...

Labels:
0 Helpful
1 Reply 1

Patrick Sparkman
VIP Alumni
VIP Alumni

‎03-26-2017 07:14 PM

According to security advisory cisco-sa-20170310-struts2, TMS doesn't appear to be affected, however it could be that Cisco hasn't checked it yet to verify it is/isn't vulnerable. Suggest you check the security advisory for updates and if TMS either gets confirmed vulnerable or not. In either case, your TMS version is quite old, suggest you upgrade to the most recent version to take advantage of security fixes and new features. 

Customers Also Viewed These Support Documents