Rewterz Threat Alert – Remcos RAT – Active IOCs
January 21, 2023Rewterz Threat Advisory – CVE-2022-41733 – IBM InfoSphere Information Server Vulnerability
January 22, 2023Rewterz Threat Alert – Remcos RAT – Active IOCs
January 21, 2023Rewterz Threat Advisory – CVE-2022-41733 – IBM InfoSphere Information Server Vulnerability
January 22, 2023Severity
Medium
Analysis Summary
CVE-2021-39089 CVSS:4.3
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request.
CVE-2021-39011 CVSS:4.2
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 stores potentially sensitive information in log files that could be read by a privileged user.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2021-39089
- CVE-2021-39011
Affected Vendors
IBM
Affected Products
- IBM Cloud Pak for Security 1.10.0.0
- IBM Cloud Pak for Security 1.10.6.0
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.