Rewterz Threat Alert – Phobos Ransomware – Active IOCs
December 8, 2022Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
December 8, 2022Rewterz Threat Alert – Phobos Ransomware – Active IOCs
December 8, 2022Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
December 8, 2022Severity
High
Analysis Summary
CVE-2022-43581
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2022-43581
Affected Vendors
IBM
Affected Products
- IBM Content Navigator 3.0.0
- IBM Content Navigator 3.0.1
- IBM Content Navigator 3.0.2
- IBM Content Navigator 3.0.3
- IBM Content Navigator 3.0.4
- IBM Content Navigator 3.0.7
- IBM Content Navigator 3.0.8
- IBM Content Navigator 3.0.9
- IBM Content Navigator 3.0.10
- IBM Content Navigator 3.0.11
- IBM Content Navigator 3.0.12
- IBM Content Navigator 3.0.5
- IBM Content Navigator 3.0.6
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.