Multiple Microsoft Products Vulnerabilities
April 16, 2024MuddyWater APT Incorporated New C2 Tool ‘DarkBeatC2 – Active IOCs
April 16, 2024Multiple Microsoft Products Vulnerabilities
April 16, 2024MuddyWater APT Incorporated New C2 Tool ‘DarkBeatC2 – Active IOCs
April 16, 2024Severity
Medium
Analysis Summary
CVE-2023-50307 CVSS:5.4
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-22357 CVSS:5.4
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-27261 CVSS:6.4
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.2 could allow a privileged user to install a potentially dangerous tar file, which could give them access to subsequent systems where the package was installed.
CVE-2023-50949 CVSS:5.9
IBM QRadar SIEM 7.5 could allow an unauthorized user to perform unauthorized actions due to improper certificate validation.
CVE-2023-45186 CVSS:4.8
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2023-47714 CVSS:4.8
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-22334 CVSS:4.4
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type, associated permissions of objects using that type may not be fully revoked. This could lead to incorrect reporting of permission configuration and unexpected privileges being retained.
CVE-2024-22359 CVSS:6.1
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2024-22358 CVSS:6.3
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
CVE-2024-22339 CVSS:4.3
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files.
Impact
- Cross-Site Scripting
- Privilege Escalation
- Gain Access
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2023-50307
- CVE-2024-22357
- CVE-2024-27261
- CVE-2023-50949
- CVE-2023-45186
- CVE-2023-47714
- CVE-2024-22334
- CVE-2024-22359
- CVE-2024-22358
- CVE-2024-22339
Affected Vendors
Affected Products
- IBM Sterling B2B Integrator 6.0.0.0
- IBM Sterling B2B Integrator 6.1.0.0
- IBM QRadar SIEM 7.5
- IBM UrbanCode Deploy 7.0
- IBM UrbanCode Deploy 7.3
- IBM Sterling B2B Integrator 6.1.2.3
- IBM Storage Defender 2.0.0
- IBM DevOps Deploy 8.0.0.1
- IBM UrbanCode Deploy 7.3.2.4
- IBM UrbanCode Deploy 7.2.3.9
- IBM UrbanCode Deploy 7.1.2.16
- IBM Storage Defender 2.0.2
- IBM Sterling B2B Integrator 6.2.0.0
- IBM Sterling B2B Integrator 6.0.3.9
Remediation
Refer to IBM Security Advisory, upgrade or suggested workaround information.