

Severity
High
Analysis Summary
CVE-2024-27266 CVSS:8.2
IBM Maximo Application Suite 7.6.1.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
CVE-2024-27265 CVSS:4.5
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2024-22346 CVSS:8.4
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege.
Impact
- Gain Access
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2024-27266
- CVE-2024-27265
- CVE-2024-22346
Affected Vendors
IBM
Affected Products
- IBM i 7.2
- IBM i 7.3
- IBM i 7.4
- IBM Maximo Asset Management 7.6.1.3
- IBM i 7.5
- IBM Integration Bus for z/OS 10.1
- IBM Integration Bus for z/OS 10.1.0.3
Remediation
Refer to the IBM Security Advisory for patch, upgrade, or suggested workaround information.