{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Impact of Apache Text Commons Vulnerability CVE-2022-42889"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2022-42889","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-07-15T11:34:05.911Z","generator":{"date":"2026-07-15T11:34:05.911Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2022-42889","initial_release_date":"2022-11-09T17:00:00.000Z","revision_history":[{"number":"1","date":"2022-11-09T09:00:00.000Z","summary":"Initial publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"PAN-OS","category":"product_name","branches":[{"category":"product_version","name":"PAN-OS All","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-1"}}]},{"name":"Cortex XDR Agent","category":"product_name","branches":[{"category":"product_version","name":"Cortex XDR Agent All","product":{"name":"Palo Alto Networks Cortex XDR Agent","product_id":"PANW-Cortex-XDR-Agent-1"}}]},{"name":"GlobalProtect App","category":"product_name","branches":[{"category":"product_version","name":"GlobalProtect App All","product":{"name":"Palo Alto Networks GlobalProtect App","product_id":"PANW-GlobalProtect-App-1"}}]},{"name":"Cortex XSOAR","category":"product_name","branches":[{"category":"product_version","name":"Cortex XSOAR All","product":{"name":"Palo Alto Networks Cortex XSOAR","product_id":"PANW-Cortex-XSOAR-4"}}]},{"name":"WildFire Appliance (WF-500)","category":"product_name","branches":[{"category":"product_version","name":"WildFire Appliance (WF-500) All","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-1"}}]},{"name":"Expanse","category":"product_name","branches":[{"category":"product_version","name":"Expanse All","product":{"name":"Palo Alto Networks Expanse","product_id":"PANW-Expanse-1"}}]},{"name":"Okyo Garde","category":"product_name","branches":[{"category":"product_version","name":"Okyo Garde All","product":{"name":"Palo Alto Networks Okyo Garde","product_id":"PANW-Okyo-Garde-1"}}]},{"name":"Palo Alto Networks App for Splunk","category":"product_name","branches":[{"category":"product_version","name":"Palo Alto Networks App for Splunk All","product":{"name":"Palo Alto Networks Palo Alto Networks App for Splunk","product_id":"PANW-Palo-Alto-Networks-App-for-Splunk-1"}}]},{"name":"Prisma Cloud Compute","category":"product_name","branches":[{"category":"product_version","name":"Prisma Cloud Compute All","product":{"name":"Palo Alto Networks Prisma Cloud Compute","product_id":"PANW-Prisma-Cloud-Compute-1"}}]},{"name":"Expedition Migration Tool","category":"product_name","branches":[{"category":"product_version","name":"Expedition Migration Tool All","product":{"name":"Palo Alto Networks Expedition Migration Tool","product_id":"PANW-Expedition-Migration-Tool-1"}}]},{"name":"IoT Security","category":"product_name","branches":[{"category":"product_version","name":"IoT Security All","product":{"name":"Palo Alto Networks IoT Security","product_id":"PANW-IoT-Security-1"}}]},{"name":"User-ID Agent","category":"product_name","branches":[{"category":"product_version","name":"User-ID Agent All","product":{"name":"Palo Alto Networks User-ID Agent","product_id":"PANW-User-ID-Agent-1"}}]},{"name":"Exact Data Matching CLI","category":"product_name","branches":[{"category":"product_version","name":"Exact Data Matching CLI All","product":{"name":"Palo Alto Networks Exact Data Matching CLI","product_id":"PANW-Exact-Data-Matching-CLI-1"}}]},{"name":"Bridgecrew","category":"product_name","branches":[{"category":"product_version","name":"Bridgecrew All","product":{"name":"Palo Alto Networks Bridgecrew","product_id":"PANW-Bridgecrew-1"}}]},{"name":"Cortex Xpanse","category":"product_name","branches":[{"category":"product_version","name":"Cortex Xpanse All","product":{"name":"Palo Alto Networks Cortex Xpanse","product_id":"PANW-Cortex-Xpanse-1"}}]},{"name":"Enterprise Data Loss Prevention","category":"product_name","branches":[{"category":"product_version","name":"Enterprise Data Loss Prevention All","product":{"name":"Palo Alto Networks Enterprise Data Loss Prevention","product_id":"PANW-Enterprise-Data-Loss-Prevention-1"}}]},{"name":"Prisma SD-WAN (CloudGenix)","category":"product_name","branches":[{"category":"product_version","name":"Prisma SD-WAN (CloudGenix) All","product":{"name":"Palo Alto Networks Prisma SD-WAN (CloudGenix)","product_id":"PANW-Prisma-SD-WAN-(CloudGenix)-1"}}]},{"name":"Prisma SD-WAN ION","category":"product_name","branches":[{"category":"product_version","name":"Prisma SD-WAN ION All","product":{"name":"Palo Alto Networks Prisma SD-WAN ION","product_id":"PANW-Prisma-SD-WAN-ION-1"}}]},{"name":"SaaS Security","category":"product_name","branches":[{"category":"product_version","name":"SaaS Security All","product":{"name":"Palo Alto Networks SaaS Security","product_id":"PANW-SaaS-Security-1"}}]},{"name":"Cortex Data Lake","category":"product_name","branches":[{"category":"product_version","name":"Cortex Data Lake All","product":{"name":"Palo Alto Networks Cortex Data Lake","product_id":"PANW-Cortex-Data-Lake-1"}}]},{"name":"AutoFocus","category":"product_name","branches":[{"category":"product_version","name":"AutoFocus All","product":{"name":"Palo Alto Networks AutoFocus","product_id":"PANW-AutoFocus-1"}}]},{"name":"WildFire Cloud","category":"product_name","branches":[{"category":"product_version","name":"WildFire Cloud All","product":{"name":"Palo Alto Networks WildFire Cloud","product_id":"PANW-WildFire-Cloud-1"}}]},{"name":"Prisma Cloud","category":"product_name","branches":[{"category":"product_version","name":"Prisma Cloud All","product":{"name":"Palo Alto Networks Prisma Cloud","product_id":"PANW-Prisma-Cloud-1"}}]},{"name":"Cloud NGFW","category":"product_name","branches":[{"category":"product_version","name":"Cloud NGFW All","product":{"name":"Palo Alto Networks Cloud NGFW","product_id":"PANW-Cloud-NGFW-1"}}]},{"name":"Prisma Access","category":"product_name","branches":[{"category":"product_version","name":"Prisma Access All","product":{"name":"Palo Alto Networks Prisma Access","product_id":"PANW-Prisma-Access-1"}}]},{"name":"Cortex XDR","category":"product_name","branches":[{"category":"product_version","name":"Cortex XDR All","product":{"name":"Palo Alto Networks Cortex XDR","product_id":"PANW-Cortex-XDR-1"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2022-42889","product_status":{"known_not_affected":["PANW-PAN-OS-1","PANW-Cortex-XDR-Agent-1","PANW-GlobalProtect-App-1","PANW-Cortex-XSOAR-4","PANW-WildFire-Appliance-(WF-500)-1","PANW-Expanse-1","PANW-Okyo-Garde-1","PANW-Palo-Alto-Networks-App-for-Splunk-1","PANW-Prisma-Cloud-Compute-1","PANW-Expedition-Migration-Tool-1","PANW-IoT-Security-1","PANW-User-ID-Agent-1","PANW-Exact-Data-Matching-CLI-1","PANW-Bridgecrew-1","PANW-Cortex-Xpanse-1","PANW-Enterprise-Data-Loss-Prevention-1","PANW-Prisma-SD-WAN-(CloudGenix)-1","PANW-Prisma-SD-WAN-ION-1","PANW-SaaS-Security-1","PANW-Cortex-Data-Lake-1","PANW-AutoFocus-1","PANW-WildFire-Cloud-1","PANW-Prisma-Cloud-1","PANW-Cloud-NGFW-1","PANW-Prisma-Access-1","PANW-Cortex-XDR-1"]},"notes":[{"category":"description","text":"Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \"${prefix:name}\", where \"prefix\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \"script\" - execute expressions using the JVM script execution engine (javax.script) - \"dns\" - resolve dns records - \"url\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default."}],"references":[{"category":"external","summary":"NVD - CVE-2022-42889","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42889"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2022-42889","url":"https://security.paloaltonetworks.com/CVE-2022-42889"}],"threats":[{"category":"impact","description":"Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \"${prefix:name}\", where \"prefix\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \"script\" - execute expressions using the JVM script execution engine (javax.script) - \"dns\" - resolve dns records - \"url\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default."}]}]}