Does CVE-2017-9805 affect UIM

Document ID : KB000015889
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

Does CVE-2017-9805 affect UIM

Environment:
UIM 8.5.xUIM 8.4.x
Answer:

CVE-2017-9805 only affects applications using Struts 2.1.2 - Struts 2.3.33, Struts 2.5 - Struts 2.5.12.

UMP in UIM uses Liferay 6.1.30 which uses Struts 1.2, so this vulnerability does not apply.

Additional Information:

https://struts.apache.org/docs/s2-052.html