Report Incident
× Home Cybertech Africa 2023 2 DPO Rw-CSIRT Website About Rw-CSIRT Alerts Advisories About NCSA Documentation News & Events Topics Contact us Opportunities Privacy Policy

Advisory: Apache CVE

Apache has released a security update to address a vulnerability affecting different versions of their software (CVE-2022-42889).
Affected systems
This vulnerability is affecting versions starting with version 1.5 and continuing through 1.9.
Security Risks
This vulnerability may allow remote code execution or unintentional contact with remote servers if untrusted configuration values are used.
Recommended Actions
The National Cyber Security Authority (NCSA) strongly recommends to system administrators:
a. Follow the advisory shared by Apache and apply suggested mitigations to lower the risk of vulnerability exploitation.
b. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.
c. Before any update task, please ensure you have a recent backup that can easily be restored.
For further information and support, please contact NCSA by email at or call us at 9009.

19 October 2022

© 2024 National Cyber Security Authority