Rewterz Threat Advisory – Ursnif Banking Trojan aka Gozi – Active IOCs
June 22, 2023Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
June 22, 2023Rewterz Threat Advisory – Ursnif Banking Trojan aka Gozi – Active IOCs
June 22, 2023Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
June 22, 2023Severity
High
Analysis Summary
CVE-2023-34340 CVSS:7.5
Apache Accumulo could allow a remote attacker to bypass security restrictions, caused by a defect in the user authentication process. By providing invalid credentials, an attacker could exploit this vulnerability to bypass the authentication mechanism and incorrectly validate cached credentials.
CVE-2023-34981 CVSS:7.5
Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when a response did not have any HTTP headers set. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Security Bypass
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-34340
- CVE-2023-34981
Affected Vendors
Apache
Affected Products
- Apache Accumulo 2.1.0
- Apache Tomcat 8.5.88
- Apache Tomcat 9.0.74
- Apache Tomcat 10.1.8
- Apache Tomcat 11.0.0-M5
Remediation
Upgrade to the latest version of Apache Tomcat and Accumulo, available from the Apache Web site.