Rewterz Threat Advisory – CVE-2022-35741 – Apache CloudStack XML Vulnerability

July 20, 2022

Rewterz Threat Advisory –IBM Engineering Lifecycle Optimization Vulnerabilities

July 20, 2022

Rewterz Threat Advisory – CVE-2022-36127 – Apache SkyWalking NodeJS Agent Vulnerability

July 20, 2022

Severity

High

Analysis Summary

CVE-2022-36127

Apache SkyWalking NodeJS Agent is vulnerable to a denial of service, caused by a flaw when the OAP is unhealthy and NodeJS agent can not establish the connection. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause NodeJS services become unavailable, and results a denial of service condition.

Impact

Denial of Service

Indicators Of Compromise

CVE

CVE-2022-36127

Affected Vendors

Apache

Affected Products

Apache SkyWalking NodeJS Agent 0.5.0

Remediation

Upgrade to the latest version of Apache SkyWalking NodeJS Agent, available from the SkyWalking NodeJS Agent GIT Repository.

SkyWalking NodeJS Agent GIT Repository

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2022-35741 – Apache CloudStack XML Vulnerability

Rewterz Threat Advisory –IBM Engineering Lifecycle Optimization Vulnerabilities

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.