Alteryx Connect Discussions

Find answers, ask questions, and share expertise about Alteryx Connect.

Tenable detects Apache Struts CVE-2011-3923 on Connect install.

mcartwri
5 - Atom

My understanding is, not only is this a very old CVE, but Connect installs Tomcat.

Is there a way to upgrade JUST Apache on the connect install, or should this be reported to Tenable as a false-positive?

 

 

 

Apache Struts 2.3.1.1 Multiple Vulnerabilities
Diagnosis:
The version of Apache Struts running on the remote host is prior to 2.3.1.1. It, therefore, affected by multiple
vulnerabilities:

- The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which
allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code
execution through a static method. (CVE-2012-0392)

- Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor
class and execute arbitrary commands. (CVE-2011-3923)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

See Also:
https://cwiki.apache.org/confluence/display/WW/S2-008
Related CVE IDs:
CVE-2012-0392
CVE-2011-3923
Solution: Upgrade to Apache Struts version 2.3.1.1 or later

 

2 REPLIES 2
LisaL
Alteryx
Alteryx

@mcartwri 

 

You should be able to remove the offending .jar(s).

By default, the installation path for Connect is C:\Program Files\AlteryxConnect.  You may have installed to a different location.  The full path to the .jar files is (again, by default) C:\Program Files\AlteryxConnect\webapps\ROOT\WEB-INF\lib  

You can search for struts, and then delete the files that contain the vulnerabilities.

After you delete them, you'll need to restart Connect.

 

Fully delete these files, then restartFully delete these files, then restart

 

 

Lisa LePome
Senior Customer Support Engineer -- Knowledge Management Coach
Alteryx, Inc.
mcartwri
5 - Atom

Thank you so much! This is a HUGE help. Very easy fix, never would have thought of it. Thanks again!