March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – IcedID Banking Trojan aka BokBot – Active IOCs
October 17, 2023Rewterz Threat Advisory – Multiple Apache InLong Vulnerabilities
October 17, 2023Rewterz Threat Alert – IcedID Banking Trojan aka BokBot – Active IOCs
October 17, 2023Rewterz Threat Advisory – Multiple Apache InLong Vulnerabilities
October 17, 2023
Severity
Low
Analysis Summary
CVE-2023-45143
Node.js undici module could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with not clear cookie header on cross-origin redirect in fetch. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain cookie header information, and use this information to launch further attacks against the affected system.
Impact
- Information Theft
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-45143
Affected Vendors
Node.js
Affected Products
- Node.js undici 5.26.1
Remediation
Upgrade to the latest version of undici, available from the undici GIT Repository.