Advertisement
Top
image credit: Adobe Stock

CISA Warns of Active exploitation of JasperReports Vulnerabilities

December 30, 2022

Via: The Hacker News
Category:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two years-old security flaws impacting TIBCO Software’s JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), were addressed by TIBCO in April 2018 and March 2019, respectively.

TIBCO JasperReports is a Java-based reporting and data analytics platform for creating, distributing, and managing reports and dashboards.

Read More on The Hacker News

RELATED PUBLICATIONS

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector
Google Patches Exploited Pixel Vulnerabilities

Latest Publications

UK Ministry of Defense disclosed a third-party data breach exposing military personnel data 
Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606
Ransomware evolves from mere extortion to ‘psychological attacks’
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!