Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs
December 20, 2022Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs
December 21, 2022Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs
December 20, 2022Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs
December 21, 2022Severity
High
Analysis Summary
CVE-2022-47500
Apache Helix could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability using user-controlled query parameter to redirect a victim to arbitrary Web sites.
Impact
Gain Access
Indicators Of Compromise
CVE
- CVE-2022-47500
Affected Vendors
Apache
Affected Products
- Apache Helix 0.8.0
- Apache Helix 1.0.4
Remediation
Upgrade to the latest version of Helix, available from the Apache Website.