October 21, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
SideWinder APT Group aka Rattlesnake – Active IOCs
June 21, 2024
Cobalt Strike Malware – Active IOCs
June 22, 2024
SideWinder APT Group aka Rattlesnake – Active IOCs
June 21, 2024
Cobalt Strike Malware – Active IOCs
June 22, 2024
Severity
High
Analysis Summary
CVE-2024-31890 CVSS:7.8
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system.
CVE-2024-37532 CVSS:8.8
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to identity spoofing by an authenticated user due to improper signature validation.
Impact
- Gain Access
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-31890
- CVE-2024-37532
Affected Vendors
IBM
Affected Products
- IBM WebSphere Application Server 8.5
- IBM WebSphere Application Server 9.0
- IBM i 7.3
- IBM i 7.4
- IBM i 7.5
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.