March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-40237 – IBM MQ for HPE NonStop Vulnerability
February 28, 2023Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
February 28, 2023Rewterz Threat Advisory – CVE-2022-40237 – IBM MQ for HPE NonStop Vulnerability
February 28, 2023Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
February 28, 2023
Severity
High
Analysis Summary
CVE-2022-38389
IBM Tivoli Workload Scheduler is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
Impact
- Gain Access
Indicators Of Compromise
CVE
- CVE-2022-38389
Affected Vendors
IBM
Affected Products
- IBM Workload Scheduler 9.4
- IBM Workload Scheduler 9.5
- IBM Workload Scheduler 10.1
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.