Rewterz Threat Alert – Microsoft’s SQL Servers Targeted – Active IOCs
February 23, 2022Rewterz Threat Advisory – CVE-2022-25636 – Linux Kernel Vulnerability
February 24, 2022Rewterz Threat Alert – Microsoft’s SQL Servers Targeted – Active IOCs
February 23, 2022Rewterz Threat Advisory – CVE-2022-25636 – Linux Kernel Vulnerability
February 24, 2022Severity
High
Analysis Summary
CVE-2022-22336
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.
CVE-2022-22333
IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty-based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned inside the Secure Zone could submit a specially crafted HTTP request to disrupt service.
Impact
- Denial of Service
Indicators of Compromise
CVEs
- CVE-2022-22336CVE-2022-22333
Affected Vendors
IBM
Affected Products
- IBM Sterling Secure Proxy 3.4.3.2
- IBM Sterling Secure Proxy 6.0.3.0
- IBM Sterling Secure Proxy 6.0.2.0
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.