/
CVE-2022-42889 Impact on Clarity, Jaspersoft & ODATA on AWS

CVE-2022-42889 Impact on Clarity, Jaspersoft & ODATA on AWS

Owned by Jared Hodgson (Unlicensed)
Last updated: Nov 08, 2022
1 min read

Broadcom has published an article regarding the impact of CVE-2022-42889 on Clarity, Jaspersoft and ODATA. The following information is an assessment of the impact of CVE-2022-42889 for environments managed by Rego on Amazon Web Services.

Clarity on AWS is not vulnerable

Jaspersoft on AWS is not vulnerable

ODATA on AWS is not vulnerable

The systems hosted on AWS have pre-existing firewall rules in place to remediate this vulnerability and ensure the systems on AWS cannot be exploited. There is no further impact or risk with CVE-2022-42889, although NIST continues to evaluate the vulnerability. Rego is closely tracking the results of the NIST reanalysis effort and will respond accordingly.

 

Nov-5 Update - Although the vulnerability is mitigated by pre-existing firewall rules, Rego has applied an updated file to Jaspersoft as recommended by NIST. This was deployed to all Clarity non-production environments.