

Severity
High
Analysis Summary
CVE-2020-4759
IBM FileNet Content Manager is potentially vulnerable to CSV injection. Improper validation of CSV file contents could allow a remote attacker to execute arbitrary commands on the system.
CVE-2020-4651
IBM Maximo Spatial Asset Management is vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Impact
Gain Access
Affected Vendors
IBM
Affected Products
- IBM FileNet Content Manager 5.5.4
- IBM FileNet Content Manager 5.5.5
- IBM Maximo Spatial Asset Management 7.6.0.3
- IBM Maximo Spatial Asset Management 7.6.0.4
- IBM Maximo Spatial Asset Management 7.6.0.5
- IBM Maximo Spatial Asset Management 7.6.1.0
Remediation
Refer to the IBM Security Bulletins for patch, upgrade, or suggested workaround information.
IBM Security Bulletin 6336917 (FileNet Content Manager)
IBM Security Bulletin 6361767 (Maximo Spatial Asset Management)