A possible Remote Code Execution (RCE) vulnerability S2-062 (CVE-2021-31805) has been found on Apache Tomcat server and certain versions of PD Web Application.
- 2.0.0 <= Apache Struts <= 2.5.29
This vulnerability is fixed in Apache Struts 2.5.30 version.
Vulnerability CVE-2021-31805 is known for WhiteSource and latest scans mark our code as potentially affected.
The issue is solved in the patch level releases for PD Web Application 7.7 PL14, 7.8 PL8, 7.9 PL3, and 7.10 PL1.
Level of Complexity
|PD WEB APPLICATION||7.8||PL8|
How to find the web application version and patch level:
Article # 3047283