February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Bitter APT Group Continues To Target Bangladesh – Active IOCs
July 8, 2022Rewterz Threat Advisory – CVE-2022-22476 – IBM WebSphere Application Server Vulnerability
July 8, 2022Rewterz Threat Alert – Bitter APT Group Continues To Target Bangladesh – Active IOCs
July 8, 2022Rewterz Threat Advisory – CVE-2022-22476 – IBM WebSphere Application Server Vulnerability
July 8, 2022
Severity
Medium
Analysis Summary
CVE-2022-28889 CVSS:6.5
Apache Druid could allow a remote attacker to hijack the clicking action of the victim, caused by not set appropriate headers in the HTTP response. An attacker could exploit this vulnerability to hijack the victim’s click actions and launch further attacks against the victim.
CVE-2021-44791 CVSS:6.1
Apache Druid is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
Impact
- Unauthorized Access
- Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2022-28889
- CVE-2021-44791
Affected Vendors
- Apache
Affected Products
- Apache Druid 0.22.1
Remediation
Upgrade to the latest version of Apache Druid, available from the Apache Website.
Apache Website