Vulnerability Details : CVE-2022-42889
Public exploit exists!
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.
Vulnerability category: Execute code
Products affected by CVE-2022-42889
- cpe:2.3:a:apache:commons_text:*:*:*:*:*:*:*:*
- cpe:2.3:a:juniper:security_threat_response_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up1:*:*:*:*:*:*
- cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up2:*:*:*:*:*:*
- cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:up3:*:*:*:*:*:*
- cpe:2.3:a:juniper:security_threat_response_manager:7.5.0:-:*:*:*:*:*:*
- cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-42889
97.33%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2022-42889
-
Apache Commons Text RCE
Disclosure Date: 2022-10-13First seen: 2024-01-23exploit/multi/http/apache_commons_text4shell
CVSS scores for CVE-2022-42889
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2022-42889
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-42889
-
http://seclists.org/fulldisclosure/2023/Feb/3
Full Disclosure: OXAS-ADV-2022-0002: OX App Suite Security AdvisoryMailing List;Third Party Advisory
-
http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html
Apache Commons Text 1.9 Remote Code Execution ≈ Packet Storm
-
http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html
OX App Suite Cross Site Scripting / Server-Side Request Forgery ≈ Packet StormThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2022/10/13/4
oss-security - CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaultsMailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20221020-0004/
CVE-2022-42889 Apache Commons Text Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://security.gentoo.org/glsa/202301-05
Apache Commons Text: Arbitrary Code Execution (GLSA 202301-05) — Gentoo securityThird Party Advisory
-
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022
Security AdvisoryThird Party Advisory
-
https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults-Apache Mail ArchivesMailing List;Vendor Advisory
-
http://www.openwall.com/lists/oss-security/2022/10/18/1
oss-security - Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaultsMailing List;Third Party Advisory
Jump to