Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
September 4, 2023Rewterz Threat Advisory – CVE-2023-33858 – IBM Business Automation Workflow Vulnerability
September 5, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
September 4, 2023Rewterz Threat Advisory – CVE-2023-33858 – IBM Business Automation Workflow Vulnerability
September 5, 2023Severity
High
Analysis Summary
CVE-2023-35892
IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
Impact
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-35892
Affected Vendors
IBM
Affected Products
- IBM Financial Transaction Manager for SWIFT Services 3.2.4
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.