Severity
Medium
Analysis Summary
CVE-2022-34333 CVSS:5.9
IBM Sterling Order Management 10.0 does not require users to have strong passwords by default, which makes it easier for attackers to compromise user accounts.
CVE-2022-33959 CVSS:5.4
IBM Sterling Order Management 10.0 could allow a user to bypass validation and perform unauthorized actions on behalf of other users.
Impact
- Information Disclosure
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-34333
- CVE-2022-33959
Affected Vendors
IBM
Affected Products
- IBM Sterling Order Management 10.0
Remediation
Refer to the IBM Security Bulletin for patch, upgrade, or suggested workaround information.