Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
March 3, 2023Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
March 3, 2023Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
March 3, 2023Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs
March 3, 2023Severity
Medium
Analysis Summary
CVE-2023-24975 CVSS:5.4
IBM Spectrum Symphony is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
CVE-2022-35645 CVSS:6.4
IBM Maximo Asset Management and IBM Maximo Application Suite is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2022-43902 CVSS:6.5
IBM MQ is vulnerable to a denial of service attack caused by specially crafted PCF or MQSC messages.
CVE-2020-5026 CVSS:4.3
IBM Financial Transaction Manager for Digital Payments for Multi-Platform could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
Impact
- Denial of Service
- Cross-Site Scripting
- Gain Access
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-24975
- CVE-2022-35645
- CVE-2022-43902
- CVE-2020-5026
Affected Vendors
IBM
Affected Products
- IBM Spectrum Symphony 7.3
- IBM Maximo Asset Management 7.6.1.1
- IBM Maximo Asset Management 7.6.1.2
- IBM Maximo Asset Management 7.6.1.3
- IBM Maximo Application Suite 8.8.0
- IBM Maximo Application Suite 8.9
- IBM MQ Appliance 9.2.CD
- IBM MQ Appliance 9.2.LTS
- IBM MQ Appliance 9.3.LTS
- IBM MQ Appliance 9.3.CD
- IBM Financial Transaction Manager 3.2.0
- IBM Financial Transaction Manager 3.2.7
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.