SAP Knowledge Base Article - Public

2688978 - Is SuccessFactors Affected by Apache Struct 2 Vulnerability?

Symptom

You want to know if SFSF BizX Suite is vulnerable by Apache Struct 2 Vulnerability

Environment

BizX Platform

Resolution

 SAP reviews all security advisories with due diligence, and has confirmed that our Java stack: SuccessFactors BizX, LMS, RMK are not using STRUTS 2.  SAP is not affected by CVE-2018-11776

See Also

  2088904 - System Security: Clickjacking - How to prevent - BizX Platform

Keywords

Apache, vulnerability, exploit, security , KBA , LOD-SF-PLT , Foundational Capabilities & Tools , LOD-SF-PLT-SEC , Security & Permissions , Problem

Product

SAP SuccessFactors HCM Suite all versions