Rewterz Threat Alert – IcedID Banking Trojan aka BokBot – Active IOCs
January 19, 2023Rewterz Threat Advisory – CVE-2023-21888 – Oracle Construction and Engineering Vulnerability
January 19, 2023Rewterz Threat Alert – IcedID Banking Trojan aka BokBot – Active IOCs
January 19, 2023Rewterz Threat Advisory – CVE-2023-21888 – Oracle Construction and Engineering Vulnerability
January 19, 2023Severity
Medium
Analysis Summary
CVE-2023-21891 CVSS:5.4
An unspecified vulnerability in Oracle Fusion Middleware related to the Visual Analyzer component could allow a remote authenticated attacker to bypass security restrictions resulting in a low confidentiality and integrity impacts using unknown attack vectors.
CVE-2023-21892 CVSS:5.4
An unspecified vulnerability in Oracle Fusion Middleware related to the Visual Analyzer component could allow a remote authenticated attacker to bypass security restrictions resulting in a low confidentiality and integrity impacts using unknown attack vectors.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-21892
- CVE-2023-21891
Affected Vendors
Oracle
Affected Products
- Oracle Fusion Middleware 5.9.0.0.0
- Oracle Fusion Middleware 6.4.0.0.0
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.