Rewterz Threat Alert – -C-35 aka Donot Team – Active IOCs

December 2, 2022

Rewterz Threat Advisory – CVE-2022-41296 – IBM Db2U Vulnerability

December 2, 2022

Rewterz Threat Advisory – CVE-2021-38997 – IBM API Connect HOST Vulnerability

December 2, 2022

Severity

Medium

Analysis Summary

CVE-2021-38997

IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

Impact

Gain Access

Indicators Of Compromise

CVE

CVE-2021-38997

Affected Vendors

IBM

Affected Products

IBM API Connect 2018.4.1.0
IBM API Connect 10.0.0.0
IBM API Connect 10.0.1.0
IBM API Connect 10.0.5.0
IBM API Connect 10.0.1.7
IBM API Connect 2018.4.1.19

Remediation

Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.

IBM Security Bulletin

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Microsoft Entra Account Lockouts Triggered by Token Logging Error

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

SideWinder APT Group aka Rattlesnake – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – -C-35 aka Donot Team – Active IOCs

Rewterz Threat Advisory – CVE-2022-41296 – IBM Db2U Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.