management_console.war file is still placed in Single Sign-On 12.6.01 AdminUI (C:\CA\SiteMinder\adminui\server\default\deploy\iam_siteminder.ear. However it should be removed since it is not used by AdminUI.
Although Apache Struts 1.x is placed in management_console.war in SiteMinder12.5x, Siteminder is not affected by Struts 1.x vulnerability since the management_console is not used in SiteMinder.
Struts has been not present already in Third-Party Software Acknowledgments for 12.6.01.
It has been present in Third-Party Software Acknowledgments for 12.5x.