Rewterz Threat Advisory – CVE-2023-33858 – IBM Business Automation Workflow Vulnerability

September 5, 2023

Severity

Medium

Analysis Summary

CVE-2023-33858

IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Impact

Cross-Site Scripting

Indicators Of Compromise

CVE

CVE-2023-33858

Affected Vendors

IBM

Affected Products

IBM Business Automation Workflow containers 20.0.0.1
IBM Business Automation Workflow traditional 19.0.0.1
IBM Business Automation Workflow traditional 19.0.0.3
IBM Business Automation Workflow traditional 20.0.0.1

Remediation

Refer to IBM Security Bulletin 7030357 for patch, upgrade or suggested workaround information.

IBM Security Bulletin

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CVE-2025-4544 – D-Link DI-8100 Vulnerability

Multiple Cisco IOS Xe Software Vulnerabilities

Mirai Botnet aka Katana – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CVE-2025-4544 – D-Link DI-8100 Vulnerability

Multiple Cisco IOS Xe Software Vulnerabilities

Mirai Botnet aka Katana – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.

Rewterz Threat Advisory – CVE-2023-35892 – IBM Financial Transaction Manager for SWIFT Services Vulnerability

Rewterz Threat Alert – Microsoft SQL Servers Exploited to Deploy FreeWorld Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2023-35892 – IBM Financial Transaction Manager for SWIFT Services Vulnerability

Rewterz Threat Alert – Microsoft SQL Servers Exploited to Deploy FreeWorld Ransomware – Active IOCs