My understanding is, not only is this a very old CVE, but Connect installs Tomcat.
Is there a way to upgrade JUST Apache on the connect install, or should this be reported to Tenable as a false-positive?
Apache Struts 2.3.1.1 Multiple Vulnerabilities
Diagnosis:
The version of Apache Struts running on the remote host is prior to 2.3.1.1. It is, therefore, affected by multiple
vulnerabilities:
- The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which
allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code
execution through a static method. (CVE-2012-0392)
- Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor
class and execute arbitrary commands. (CVE-2011-3923)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
See Also:
https://cwiki.apache.org/confluence/display/WW/S2-008
Related CVE IDs:
CVE-2012-0392
CVE-2011-3923
Solution: Upgrade to Apache Struts version 2.3.1.1 or later
You should be able to remove the offending .jar(s).
By default, the installation path for Connect is C:\Program Files\AlteryxConnect. You may have installed to a different location. The full path to the .jar files is (again, by default) C:\Program Files\AlteryxConnect\webapps\ROOT\WEB-INF\lib
You can search for struts, and then delete the files that contain the vulnerabilities.
After you delete them, you'll need to restart Connect.
Fully delete these files, then restart.
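Added example, not part of this thread and not Alteryx or Tenable code: since the Nessus plugin only looks at the self-reported version, it helps to see which struts jar actually carries the flagged version before deleting anything. The script below lists every struts*.jar in the Connect lib directory, reads each jar's own version string (Maven pom.properties first, then the manifest's Implementation-Version), and flags anything below 2.3.1.1, the threshold from the plugin's Solution line. The default lib path is the one given in the answer above; the pom.properties path inside the jar is the standard Maven layout and is an assumption about how the jar was built. It only reports, it does not delete, and when run without a path it scans a constructed sample directory that it builds itself.

```python
import os
import re
import sys
import tempfile
import zipfile
from typing import Dict, List, Optional, Tuple

# Default Connect lib path as given in the thread; pass another path on the command line.
DEFAULT_LIB_DIR = r"C:\Program Files\AlteryxConnect\webapps\ROOT\WEB-INF\lib"
# Fixed version per the Nessus plugin's Solution line: anything strictly below is flagged.
FIXED_VERSION = (2, 3, 1, 1)

# Assumption: standard Maven metadata path for struts2-core; if absent, fall back to the manifest.
POM_PROPERTIES = "META-INF/maven/org.apache.struts/struts2-core/pom.properties"
MANIFEST = "META-INF/MANIFEST.MF"


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.3.1' or '2.3.1.1-SNAPSHOT' into a tuple of ints; empty tuple if unparsable."""
    m = re.match(r"(\d+(?:\.\d+)*)", text.strip())
    if not m:
        return ()
    return tuple(int(p) for p in m.group(1).split("."))


def jar_version(path: str) -> Optional[str]:
    """Read the jar's self-reported version: pom.properties first, then MANIFEST.MF."""
    with zipfile.ZipFile(path) as zf:
        names = set(zf.namelist())
        if POM_PROPERTIES in names:
            for line in zf.read(POM_PROPERTIES).decode("utf-8", "replace").splitlines():
                if line.startswith("version="):
                    return line.split("=", 1)[1].strip()
        if MANIFEST in names:
            for line in zf.read(MANIFEST).decode("utf-8", "replace").splitlines():
                if line.lower().startswith("implementation-version:"):
                    return line.split(":", 1)[1].strip()
    return None


def is_affected(version: Optional[str]) -> bool:
    """True when the version parses and is strictly below 2.3.1.1."""
    v = parse_version(version or "")
    if not v:
        return False  # unknown version: listed for the reader, but not claimed affected
    padded = v + (0,) * (len(FIXED_VERSION) - len(v))  # 2.3.1 compares as 2.3.1.0
    return padded < FIXED_VERSION


def scan_struts_jars(lib_dir: str = DEFAULT_LIB_DIR) -> List[Dict[str, object]]:
    """One record per struts*.jar in lib_dir: file name, version string, affected flag."""
    findings = []
    for name in sorted(os.listdir(lib_dir)):
        low = name.lower()
        if not (low.startswith("struts") and low.endswith(".jar")):
            continue
        version = jar_version(os.path.join(lib_dir, name))
        findings.append({"jar": name, "version": version, "affected": is_affected(version)})
    return findings


def build_sample_lib_dir() -> str:
    """Constructed sample input (not real Alteryx files): a temp dir with three small jars."""
    lib = tempfile.mkdtemp(prefix="connect-lib-")
    samples = {
        "struts2-core-2.3.1.jar": (POM_PROPERTIES, "version=2.3.1\nartifactId=struts2-core\n"),
        "struts2-core-2.3.1.1.jar": (MANIFEST, "Manifest-Version: 1.0\r\nImplementation-Version: 2.3.1.1\r\n"),
        "commons-lang-2.4.jar": (MANIFEST, "Manifest-Version: 1.0\r\n"),
    }
    for name, (member, body) in samples.items():
        with zipfile.ZipFile(os.path.join(lib, name), "w") as zf:
            zf.writestr(member, body)
    return lib


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_lib_dir()
    for f in scan_struts_jars(target):
        print(f"{f['jar']}: version={f['version']} {'AFFECTED' if f['affected'] else 'ok'}")
```

Run it with the real lib directory as the argument on the Connect host; a jar that reports no version at all is still listed so you can inspect it by hand rather than guessing.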
Thank you so much! This is a HUGE help. Very easy fix, never would have thought of it. Thanks again!