Addressing CVE 2018-11776 for Advanced Authentication product suite

Document ID : KB000113447
Last Modified Date : 10/09/2018
Show Technical Document Details
Question:
Please confirm the impact of Apache Struts Namespace & URL Tag RCE Vulnerability (CVE-2018-11776) on CA Authminder/Riskminder/UDS/StateManager components.
Answer:
This vulnerability is only when we are using result or url tags. So,this vulnerability will not impact our product.
<%@ taglib prefix="html" uri="http://struts.apache.org/tags-html" %>
<%@ taglib prefix="tiles" uri="http://struts.apache.org/tags-tiles" %>