https://kc.mcafee.com/agent/index?page=content&id=KB88897

 

Several customers have brought up this vulnerability in Apache which of course ePO utilizes.  Officially, ePO doesn't use the Struts feature so we're not vulnerable to this issue.

 

To read more on this subject, check out the following links:

 

https://struts.apache.org/docs/s2-045.html

https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-at tack-imperils-high-impact-sites/