May 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
December 16, 2022Rewterz Threat Advisory – Shuckworm APT Group aka Armageddon – Active IOCs
December 16, 2022Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
December 16, 2022Rewterz Threat Advisory – Shuckworm APT Group aka Armageddon – Active IOCs
December 16, 2022
Severity
Medium
Analysis Summary
CVE-2022-34271
Apache Atlas could allow a remote authenticated attacker to traverse directories on the system, caused by improper archive file validation. An attacker could use a specially-crafted archive file containing “dot dot” sequences (/../) to write to web server filesystem.
Impact
Information Theft
Indicators Of Compromise
CVE
- CVE-2022-34271
Affected Vendors
Apache
Affected Products
- Apache Atlas 0.8.4
- Apache Atlas 2.2.0
Remediation
Upgrade to the latest version of Apache Atlas, available from the Apache Website.
