Broadcom has published an article regarding the impact of CVE-2022-42889 on Clarity, Jaspersoft and ODATA. The following information is an assessment of the impact of CVE-2022-42889 for environments managed by Rego on Amazon Web Services.
Clarity on AWS is not vulnerable
Jaspersoft on AWS is not vulnerable
ODATA on AWS is not vulnerable
The systems hosted on AWS have pre-existing firewall rules in place to remediate this vulnerability and ensure the systems on AWS cannot be exploited. There is no further impact or risk with CVE-2022-42889, although NIST continues to evaluate the vulnerability. Rego is closely tracking the results of the NIST reanalysis effort and will respond accordingly.