Emergency Vulnerability Bulletin - 10/17/22

10/17/22 12:47 PM  |  by RedLegg Blog

Apache Commons Text Remote Code Execution Vulnerability

Identifier: CVE-2022-42889

Exploit or POC: No

Update: https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om

Description: CVE-2022-42889 allows for remote code execution. The standard set of Lookup instances shipped with Apache Commons Text could result in contact with a remote server or in arbitrary code execution. This vulnerability impacts versions 1.5 through 1.9. Apache Commons Text supports variable interpolation, which allows properties to be dynamically evaluated and expanded. The default interpolation format is “${prefix:name}”, where “prefix” is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. These lookups include “script”, which evaluates expressions using the JVM script execution engine, “dns”, which resolves DNS records, and “url”, which loads values from URLs. To remedy this vulnerability, the vendor recommends that users upgrade to Apache Commons Text 1.10.0.
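To illustrate the “${prefix:name}” lookup mechanism described above from the defender's side, the following is an added example (not code from the bulletin or from the Apache project) of an application interpolating only through an explicit allowlist of lookup prefixes, so that “script”, “dns” and “url” are never consulted. The class name AllowlistInterpolator is hypothetical; it assumes commons-text is on the classpath and uses the library's public StringLookupFactory API. Upgrading to 1.10.0 remains the vendor's recommended fix.

```java
import java.util.Map;
import org.apache.commons.text.StringSubstitutor;
import org.apache.commons.text.lookup.StringLookup;
import org.apache.commons.text.lookup.StringLookupFactory;

// Hypothetical helper: expands "${prefix:name}" templates, but resolves only the
// prefixes registered in ALLOWED. Because "script", "dns" and "url" are not registered,
// such references are left in the output as literal text instead of being evaluated.
public final class AllowlistInterpolator {

    // prefix -> lookup. Register only what the application genuinely needs.
    private static final Map<String, StringLookup> ALLOWED = Map.of(
        "sys", StringLookupFactory.INSTANCE.systemPropertyStringLookup(),
        "env", StringLookupFactory.INSTANCE.environmentVariableStringLookup());

    private AllowlistInterpolator() {}

    public static String interpolate(String template) {
        // defaultStringLookup = null: a "${name}" with no prefix resolves to nothing.
        // addDefaultLookups = false: do NOT pull in the library's built-in default set,
        // which in 1.5 through 1.9 includes the script, dns and url lookups.
        StringLookup lookup = StringLookupFactory.INSTANCE
            .interpolatorStringLookup(ALLOWED, null, false);
        // StringSubstitutor leaves unresolved variables untouched by default.
        return new StringSubstitutor(lookup).replace(template);
    }

    public static void main(String[] args) {
        // Registered prefix: resolved through the system-property lookup.
        System.out.println(interpolate("java=${sys:java.version}"));
        // Unregistered prefix: printed back verbatim; no JVM script engine is invoked.
        System.out.println(interpolate("calc=${script:javascript:1 + 1}"));
    }
}
```

Any template containing “${script:”, “${dns:” or “${url:” that reaches this helper is echoed back unchanged, which is also a useful signal to log when such input arrives from an untrusted source.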

Mitigation recommendation: Patching is currently the only method of mitigation.

RedLegg Action: None at this time.
