This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
My understanding is, not only is this a very old CVE, but Connect installs Tomcat.
Is there a way to upgrade JUST Apache on the connect install, or should this be reported to Tenable as a false-positive?
Apache Struts 18.104.22.168 Multiple Vulnerabilities
The version of Apache Struts running on the remote host is prior to 22.214.171.124. It, therefore, affected by multiple
- The CookieInterceptor component in Apache Struts before 126.96.36.199 does not use the parameter-name whitelist, which
allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code
execution through a static method. (CVE-2012-0392)
- Apache Struts before 188.8.131.52 allows remote attackers to bypass security protections in the ParameterInterceptor
class and execute arbitrary commands. (CVE-2011-3923)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Related CVE IDs:
Solution: Upgrade to Apache Struts version 184.108.40.206 or later
You should be able to remove the offending .jar(s).
By default, the installation path for Connect is C:\Program Files\AlteryxConnect. You may have installed to a different location. The full path to the .jar files is (again, by default) C:\Program Files\AlteryxConnect\webapps\ROOT\WEB-INF\lib
You can search for struts, and then delete the files that contain the vulnerabilities.
After you delete them, you'll need to restart Connect.
Fully delete these files, then restart
Lisa LePome Senior Customer Support Engineer -- Knowledge Management Coach Alteryx, Inc.