PSIRT Advisory

Apache Struts RCE Vulnerability

Summary

Multiple Remote Code Execution vulnerabilities (CVE-2017-9805, CVE-2017-9804, CVE-2017-9793) are affecting Apache Struts.

Impact

Remote Code Execution (RCE)

Affected Products

The following Fortinet products are NOT affected:

FortiOS
FortiAP
FortiSwitch
FortiAnalyzer
FortiMail
FortiManager
FortiWeb
FortiAuthenticator

None of the products above are using Apache Struts.