Rewterz Threat Advisory – CVE-2023-42004 – IBM Security Guardium Vulnerability

Rewterz Threat Alert – Lazarus aka Hidden Cobra APT Group – Active IOCs

November 30, 2023

Rewterz Threat Advisory – CVE-2023-48711 – Node.js Google Translate Vulnerability

November 30, 2023

Rewterz Threat Advisory – CVE-2023-42004 – IBM Security Guardium Vulnerability

Severity

High

Analysis Summary

CVE-2023-42004

IBM Security Guardium 11.3, 11.4, and 11.5 is potentially vulnerable to CSV injection. A remote attacker could execute malicious commands due to improper validation of csv file contents.

Impact

Privileges Escalation

Indicators Of Compromise

CVE

CVE-2023-42004

Affected Vendors

IBM

Affected Products

IBM Security Guardium 11.3
IBM Security Guardium 11.4
IBM Security Guardium 11.5

Remediation

Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.

IBM Security Advisory

Rewterz Threat Alert – Lazarus aka Hidden Cobra APT Group – Active IOCs

Rewterz Threat Advisory – CVE-2023-48711 – Node.js Google Translate Vulnerability

Rewterz Threat Advisory – CVE-2023-42004 – IBM Security Guardium Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan