Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs
February 3, 2022Rewterz Threat Advisory – CVE-2021-39021 – IBM Security Guardium Data Encryption Vulnerability
February 4, 2022Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs
February 3, 2022Rewterz Threat Advisory – CVE-2021-39021 – IBM Security Guardium Data Encryption Vulnerability
February 4, 2022Severity
High
Analysis Summary
CVE-2021-36152
Apache Gobblin could provide weaker than expected security, caused by an issue with all certificates used for LDAP connections are trusted by the TrustManager in Gobblin-as-a-Service. A remote attacker could exploit this vulnerability to launch further attacks on the system.
CVE-2021-36151
Apache Gobblin could allow a local authenticated attacker to obtain sensitive information, caused by the storage of Hadoop token in a temp file. By gaining access to the temp file, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system.
CVE-2022-23913
Apache ActiveMQ Artemis is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw in memory. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Unauthorized Access
- Information Disclosure
- Denial of Service
Affected Vendors
Apache
Affected Products
- Apache Gobblin 0.15.0
- Apache ActiveMQ Artemis 2.19.0
Remediation
Upgrade to the latest version of Apache, available from the Apache Web site.
CVE-2021-36152
CVE-2021-36151
CVE-2022-23913