SAP Knowledge Base Article - Public

2688978 - Is SuccessFactors Affected by Apache Struct 2 Vulnerability?

Symptom

You want to know if SFSF BizX Suite is vulnerable by Apache Struct 2 Vulnerability

Environment

SAP SuccessFactors HCM Suite

Resolution

SAP reviews all security advisories with due diligence, and has confirmed that our Java stack: SuccessFactors BizX, LMS, RMK are not using STRUTS 2.  SAP is not affected by CVE-2018-11776

See Also

2088904 - System Security: Clickjacking - How to prevent - BizX Platform

Keywords

Apache, vulnerability, exploit, security , KBA , LOD-SF-PLT , Platform Foundational Capabilities , LOD-SF-PLT-SEC , Security & Permissions , Problem

Product

SAP SuccessFactors HXM Suite all versions