Rewterz

Rewterz Threat Alert – Mirai Botnet aka Katana – Active IOCs

March 9, 2024
Rewterz

Rewterz Threat Alert – FormBook Malware – Active IOCs

March 10, 2024

Rewterz Threat Advisory – Multiple IBM DS8900F Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-46169 CVSS:6.5

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file.

CVE-2023-46170 CVSS:6.5

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily read files after enumerating file names.

CVE-2023-46171 CVSS:4.3

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames.

CVE-2023-46172 CVSS:5.6

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow a remote attacker to bypass authentication restrictions for authorized user.

Impact

  • Security Bypass
  • Data Manipulation
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2023-46169
  • CVE-2023-46170
  • CVE-2023-46171
  • CVE-2023-46172

Affected Vendors

IBM

Affected Products

  • IBM DS8900F 89.21.31.0
  • IBM DS8900F 89.21.19.0
  • IBM DS8900F 89.30.68.0
  • IBM DS8900F 89.32.40.0
  • IBM DS8900F 89.33.48.0

Remediation

Refer to the appropriate IBM Security Advisory for patch, upgrade or suggested workaround information.

IBM Security Advisory

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.