IBM Support

Is Guardium impacted by CVE 2017-5638?

Question & Answer


Question

Is Guardium impacted by CVE 2017-5638?

Answer

This CVE is not relevant to Guardium as it is specific to Apache Struts v2..3.5 through 2.3.31 and Struts 2.5 through 2.5.10
Guardium uses Struts v1 for all versions up to and including 10.1.2

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Guardium Database Activity Monitor","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"10.0;10.0.1;10.1;10.1.2;8.2;9.0;9.1;9.5","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg22000260

Page Feedback