March 25, 2023

Rewterz Threat Alert – GandCrab or .CRAB Ransomware – Active IOCs

Severity Medium Analysis Summary GandCrab – a ransomware-as-a-service variant – was discovered in early 2018. At least five versions of GandCrab have been created since its […]

March 25, 2023

Rewterz Threat Alert – NJRAT – Active IOCs

Severity Medium Analysis Summary NjRat is a Remote Access Trojan, which is found leveraging Pastebin to deliver a second-stage payload after initial infection. There are multiple […]

March 24, 2023

Rewterz Threat Advisory – CVE-2023-20113 – Cisco SD-WAN vManage Software Vulnerability

Severity Medium Analysis Summary CVE-2023-20113 Cisco SD-WAN vManage Software is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated […]

March 25, 2023

Rewterz Threat Alert – GandCrab or .CRAB Ransomware – Active IOCs

Severity Medium Analysis Summary GandCrab – a ransomware-as-a-service variant – was discovered in early 2018. At least five versions of GandCrab have been created since its […]

March 25, 2023

Rewterz Threat Alert – NJRAT – Active IOCs

Severity Medium Analysis Summary NjRat is a Remote Access Trojan, which is found leveraging Pastebin to deliver a second-stage payload after initial infection. There are multiple […]

March 24, 2023

Rewterz Threat Advisory – CVE-2023-20113 – Cisco SD-WAN vManage Software Vulnerability

Rewterz Threat Advisory – CVE-2021-21484 – SAP HANA security bypass

March 10, 2021

Rewterz Threat Advisory – CVE-2021-27077 – Microsoft Windows privilege escalation

March 10, 2021

Rewterz Threat Advisory – SAP NetWeaver Knowledge Management denial of service

March 10, 2021

Severity

High

Analysis Summary

CVE-2021-21488

SAP NetWeaver Knowledge Management is vulnerable to a denial of service, caused by an insecure deserialization flaw. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.

Impact

Denial of service

Affected Vendors

SAP

Affected Products

SAP NetWeaver Knowledge Management 7.01
SAP NetWeaver Knowledge Management 7.02
SAP NetWeaver Knowledge Management 7.30
SAP NetWeaver Knowledge Management 7.31
SAP NetWeaver Knowledge Management 7.40
SAP NetWeaver Knowledge Management 7.50

Remediation

Refer to SAP SAP note 2983436 for patch information.

SAP Security Patch Day – March 2021

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – GandCrab or .CRAB Ransomware – Active IOCs

Rewterz Threat Alert – NJRAT – Active IOCs

Rewterz Threat Advisory – CVE-2023-20113 – Cisco SD-WAN vManage Software Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – GandCrab or .CRAB Ransomware – Active IOCs

Rewterz Threat Alert – NJRAT – Active IOCs

Rewterz Threat Advisory – CVE-2023-20113 – Cisco SD-WAN vManage Software Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us