Is RSA SecureID authentication manager 8.X vulnerable to the new apache struts vuln? I see you had to patch struts back in 2014 with an advisory. What about the latest one? Does any of the SP resolve it? 8.2.5? or wait for SP6?
CVE number: CVE-2017-5638
The vulnerability exists in Apache Struts versions 2.3.5 through 2.3.31 and 2.5 through 2.5.10
I dont see a new advisory for this