Apache Struts vulnerability paralyzes several Canadian government websites

Canadian government spokespersons have reported that the detection of unauthorized access to a server of the statistical service last March 9 caused the preventive shut down for several days of various online services of  the Statistics Canada Site and the website of the CRA (Canada Revenue Agency).The decision of the shutdown was motivated by the existence of a serious vulnerability in the development framework Apache Struts 2, which is used in both webs and that could allow the illegal access to that server.

According to the same spokespersons the unauthorized access detected on the statistical service website did not compromised personal or sensitive data.

botón arriba