Rewterz Threat Alert – RedLine Stealer – Active IOCs
July 6, 2022Rewterz Threat Advisory – CVE-2022-32533 – Apache Jetspeed-2 Vulnerability
July 7, 2022Rewterz Threat Alert – RedLine Stealer – Active IOCs
July 6, 2022Rewterz Threat Advisory – CVE-2022-32533 – Apache Jetspeed-2 Vulnerability
July 7, 2022Severity
High
Analysis Summary
CVE-2022-33980
Apache Commons Configuration could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when using the interpolation defaults. By using a specially-crafted configuratrion, an attacker could exploit this vulnerability to execute arbitrary code or perform unintentional contact with remote servers .
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-33980
Affected Vendors
Apache
Affected Products
Apache Commons Configuration 2.4
Apache Commons Configuration 2.5
Apache Commons Configuration 2.6
Apache Commons Configuration 2.7
Remediation
Upgrade to the latest version of Apache Commons Configuration, available from the Apache Commons Configuration GIT Repository.