Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
April 26, 2023Rewterz Threat Advisory – Multiple IBM Products Vulnerabilities
April 27, 2023Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
April 26, 2023Rewterz Threat Advisory – Multiple IBM Products Vulnerabilities
April 27, 2023Severity
High
Analysis Summary
CVE-2023-45801
Apache StreamPark could allow a remote authenticated attacker to bypass security restrictions, caused by a LDAP Injection flaw. By sending a specially-crafted request using LDAP statements, an attacker could exploit this vulnerability to gain permissions to unauthorized queries, and perform content modification inside the LDAP tree.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-45801
Affected Vendors
Apache
Affected Products
- Apache StreamPark 1.0.0
Remediation
Upgrade to the latest version of Apache StreamPark, available from the Apache Web site.