CISA_WARNS modifies JasperReports exploit recommendations into actions
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two-year-old security flaws in TIBCO Software’s JasperReports product thatcited evidence of exploitive use in the CISA Known Exploited Vulnerabilities (KEV) catalog. In April 2018 and March 2019, TIBCO resolved the vulnerabilities tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), respectively. TIBCO JasperReports is