CISA warns of active exploitation of patched JasperReports vulnerabilities

CISA has added two vulnerabilities in TIBCO Software's JasperReports to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The flaws, CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), were fixed by TIBCO in April 2018 and March 2019, respectively. Nonetheless, attackers are still exploiting them.

TIBCO JasperReports is a Java-based reporting and data analytics platform for creating, distributing, and managing reports and dashboards.

  • CVE-2018-5430 - An information disclosure vulnerability in the server component that can allow an authenticated attacker to read arbitrary files, including files containing key configuration and the credentials used by the server. Those credentials can then be used to affect the external systems that the JasperReports server connects to.
  • CVE-2018-18809 - A directory traversal vulnerability in the JasperReports Library that can allow users of the web server to access sensitive files on the host, enabling an attacker to steal credentials and move into other systems.

CISA has not disclosed any further details about how the vulnerabilities are being used in real-world attacks. US federal agencies are required to patch their systems by January 19, 2023.
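For defenders tracking KEV deadlines such as the one above, here is an added example (not from the article or from CISA) that filters a KEV catalog export for the TIBCO JasperReports entries and computes how many days remain before, or have passed since, the federal due date. The field names follow CISA's public KEV JSON feed as an assumption; the sample catalog is constructed, with the CVE IDs and due date taken from the article and the remaining values as placeholders.

```python
import json
from datetime import date

# Constructed sample in the shape of the CISA KEV JSON feed (field names assumed).
# CVE IDs and the 2023-01-19 due date come from the article; other values are placeholders.
SAMPLE_KEV_JSON = """
{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "placeholder",
  "count": 3,
  "vulnerabilities": [
    {"cveID": "CVE-2018-5430", "vendorProject": "TIBCO", "product": "JasperReports",
     "vulnerabilityName": "TIBCO JasperReports Server Information Disclosure Vulnerability",
     "dateAdded": "2022-12-29", "dueDate": "2023-01-19",
     "requiredAction": "Apply updates per vendor instructions."},
    {"cveID": "CVE-2018-18809", "vendorProject": "TIBCO", "product": "JasperReports",
     "vulnerabilityName": "TIBCO JasperReports Library Directory Traversal Vulnerability",
     "dateAdded": "2022-12-29", "dueDate": "2023-01-19",
     "requiredAction": "Apply updates per vendor instructions."},
    {"cveID": "CVE-0000-00000", "vendorProject": "ExampleVendor", "product": "ExampleProduct",
     "vulnerabilityName": "Placeholder entry to show filtering",
     "dateAdded": "2022-12-01", "dueDate": "2022-12-22",
     "requiredAction": "Apply updates per vendor instructions."}
  ]
}
"""


def kev_entries_for(kev_json: str, vendor: str, product: str) -> list[dict]:
    """Return the KEV entries whose vendor matches and whose product contains `product`."""
    catalog = json.loads(kev_json)
    return [
        entry for entry in catalog["vulnerabilities"]
        if entry["vendorProject"].lower() == vendor.lower()
        and product.lower() in entry["product"].lower()
    ]


def days_until_due(entry: dict, today: date) -> int:
    """Days left until the KEV due date; negative means the deadline has already passed."""
    return (date.fromisoformat(entry["dueDate"]) - today).days


if __name__ == "__main__":
    today = date(2023, 1, 10)  # constructed reference date for the demo
    for entry in kev_entries_for(SAMPLE_KEV_JSON, "TIBCO", "JasperReports"):
        remaining = days_until_due(entry, today)
        state = f"OVERDUE by {-remaining} day(s)" if remaining < 0 else f"{remaining} day(s) left"
        print(f'{entry["cveID"]}: {entry["vulnerabilityName"]} - due {entry["dueDate"]}, {state}')
```

Point the script at the live feed's JSON instead of the sample and run it from a scheduled job to catch newly added entries for products you run before their due dates lapse.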

Source: media reports.