
CISA: JasperReports flaws under active exploitation

Two vulnerabilities in TIBCO Software's Java-based reporting and data analytics platform, JasperReports, are being exploited in ongoing attacks years after they were patched, prompting the Cybersecurity and Infrastructure Security Agency to add them to its Known Exploited Vulnerabilities catalog, reports The Hacker News.

The first, CVE-2018-5430, is an information disclosure flaw in JasperReports Server that was patched in April 2018; an authenticated user can abuse it to gain read-only access to arbitrary files on the server. "The impact includes the possible read-only access by authenticated users to web application configuration files that contain the credentials used by the server. Those credentials could then be used to affect external systems accessed by the JasperReports Server," said TIBCO.

The second, CVE-2018-18809, is a directory traversal bug in the JasperReports Library that was addressed in March 2019. It could let web server users access sensitive files on the server, which in turn could lead to credential theft and further compromise of connected systems.

CISA has not published details of the attacks leveraging either flaw. Under Binding Operational Directive 22-01, federal civilian executive branch agencies are required to remediate both vulnerabilities by Jan. 19. Organizations running JasperReports should confirm they are on patched releases, review web server logs for traversal attempts against the application, and rotate any credentials held in the server's configuration files if exposure is suspected, since those files are the documented target of the disclosure flaw.
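The directory traversal class described above lends itself to a simple access-log check. The following is an added example, not code from the SC Media article, The Hacker News report, or TIBCO's advisories: it scans combined-format web server log lines for dot-dot traversal sequences, including single- and double-URL-encoded variants, and flags requests that reach into a Java web application's WEB-INF or META-INF directories. The log lines are constructed for illustration; the request paths are not the actual exploit requests (CISA has not published them), and the `/jasperserver` prefix is assumed only because it is the platform's default context path.

```python
import re
from urllib.parse import unquote

# Constructed sample log lines (Combined Log Format). These are NOT real traffic
# and NOT the real exploit requests; the paths only illustrate encoding variants.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jan/2026:10:01:02 +0000] "GET /jasperserver/login.html HTTP/1.1" 200 5120
10.0.0.7 - - [12/Jan/2026:10:01:09 +0000] "GET /jasperserver/rest_v2/reports/../../../WEB-INF/applicationContext.xml HTTP/1.1" 200 8821
10.0.0.7 - - [12/Jan/2026:10:01:15 +0000] "GET /jasperserver/rest_v2/reports/..%2f..%2fWEB-INF%2fjs.config.properties HTTP/1.1" 200 3310
10.0.0.9 - - [12/Jan/2026:10:02:40 +0000] "GET /jasperserver/flow.html?_flowId=searchFlow HTTP/1.1" 200 1029
10.0.0.7 - - [12/Jan/2026:10:03:01 +0000] "GET /jasperserver/rest_v2/resources/%252e%252e%252f%252e%252e%252fWEB-INF%252fweb.xml HTTP/1.1" 404 215
"""

# Minimal parser for the leading fields of a combined-format access-log line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# A ".." path segment bounded by separators, checked after decoding and
# backslash normalisation so encoded and mixed-separator forms are caught.
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')

# Generic sensitive locations in a Java web application. Heuristic assumption,
# not a statement about what the real attacks requested.
SENSITIVE_RE = re.compile(r'(WEB-INF|META-INF)/', re.IGNORECASE)


def normalize_path(target, max_rounds=3):
    """Drop the query string, URL-decode until stable (bounded, to defeat
    double/triple encoding) and fold backslashes to forward slashes."""
    path = target.split('?', 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace('\\', '/')


def find_traversal_attempts(log_text):
    """Return one record per request whose decoded path shows traversal or
    targets a sensitive web-app directory. A 2xx status on such a request is
    the stronger signal that a file was actually served."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        path = normalize_path(m['target'])
        reasons = []
        if TRAVERSAL_RE.search(path):
            reasons.append('dot-dot traversal')
        if SENSITIVE_RE.search(path):
            reasons.append('sensitive web-app location')
        if reasons:
            hits.append({
                'ip': m['ip'],
                'timestamp': m['ts'],
                'status': int(m['status']),
                'path': path,
                'reasons': reasons,
            })
    return hits


def summarize_by_ip(hits):
    """Count flagged requests per source IP; repeated probing from one
    address is what an analyst triages first."""
    counts = {}
    for h in hits:
        counts[h['ip']] = counts.get(h['ip'], 0) + 1
    return counts


if __name__ == '__main__':
    found = find_traversal_attempts(SAMPLE_LOG)
    for h in found:
        print(f"{h['ip']} {h['status']} {h['path']}  <- {', '.join(h['reasons'])}")
    print(summarize_by_ip(found))
```

Decoding is bounded to a few rounds rather than looped to a fixpoint so a crafted path cannot keep the scanner busy, and the query string is removed before matching because the traversal that matters is in the path the servlet container resolves. Run the script against a real log export in place of `SAMPLE_LOG`; anything it flags with a 200 status deserves a look at what the server returned.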
