Rewterz Threat Advisory – CVE-2023-49068 – Apache DolphinScheduler Vulnerabillity

Rewterz Threat Alert – Chaos Ransomware – Active IOCs

November 28, 2023

Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs

November 28, 2023

Rewterz Threat Advisory – CVE-2023-49068 – Apache DolphinScheduler Vulnerabillity

Severity

High

Analysis Summary

CVE-2023-49068

Apache DolphinScheduler could allow a remote attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

Impact

Information Disclosure

Indicators Of Compromise

CVE

CVE-2023-49068

Affected Vendors

Apache

Affected Products

Apache DolphinScheduler 3.2.0

Remediation

Upgrade to the latest version of Apache DolphinScheduler, available from the DolphinScheduler GIT Repository.

DolphinScheduler GIT Repository

Rewterz Threat Alert – Chaos Ransomware – Active IOCs

Rewterz Threat Alert – PatchWork APT Threat Actor Group – Active IOCs

Rewterz Threat Advisory – CVE-2023-49068 – Apache DolphinScheduler Vulnerabillity

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan