...
The systems hosted on AWS have pre-existing firewall rules in place to remediate this vulnerability and ensure the systems on AWS cannot be exploited. There is no further impact or risk with CVE-2022-42889, although NIST continues to evaluate the vulnerability. Rego is closely tracking the results of the NIST reanalysis effort and will respond accordingly.
Nov-5 Update - Although the vulnerability is mitigated by pre-existing firewall rules, Rego has applied an updated file to Jaspersoft as recommended by NIST. This was deployed to all Clarity non-production environments.